Shodan
Vulnerabilities
Vulnerable Software
Gitlab:  >> Gitlab  Security Vulnerabilities
CVE-2020-13323
A vulnerability was discovered in GitLab versions prior 13.1. Under certain conditions private merge requests could be read via Todos
CVSS Score
7.7
EPSS Score
0.001
Published
2020-09-30
CVE-2020-13324
A vulnerability was discovered in GitLab versions prior to 13.1. Under certain conditions the private activity of a user could be exposed via the API.
CVSS Score
6.5
EPSS Score
0.001
Published
2020-09-30
CVE-2020-13325
A vulnerability was discovered in GitLab versions prior 13.1. The comment section of the issue page was not restricting the characters properly, potentially resulting in a denial of service.
CVSS Score
7.1
EPSS Score
0.001
Published
2020-09-30
CVE-2020-13326
A vulnerability was discovered in GitLab versions prior to 13.1. Under certain conditions the restriction for Github project import could be bypassed.
CVSS Score
4.3
EPSS Score
0.001
Published
2020-09-30
CVE-2020-13328
An issue has been discovered in GitLab affecting versions prior to 13.1.2, 13.0.8 and 12.10.13. GitLab was vulnerable to a stored XSS by using the PyPi files API.
CVSS Score
4.8
EPSS Score
0.001
Published
2020-09-30
CVE-2020-13329
An issue has been discovered in GitLab affecting versions from 12.6.2 prior to 12.10.13. GitLab was vulnerable to a stored XSS by in the blob view feature.
CVSS Score
6.5
EPSS Score
0.001
Published
2020-09-30
CVE-2020-13330
An issue has been discovered in GitLab affecting versions prior to 12.10.13. GitLab was vulnerable to a stored XSS in import the Bitbucket project feature.
CVSS Score
4.4
EPSS Score
0.001
Published
2020-09-30
CVE-2020-13303
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Due to improper verification of permissions, an unauthorized user can access a private repository within a public project.
CVSS Score
7.1
EPSS Score
0.001
Published
2020-09-15
CVE-2020-13307
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was not revoking current user sessions when 2 factor authentication was activated allowing a malicious user to maintain their access.
CVSS Score
3.8
EPSS Score
0.002
Published
2020-09-15
CVE-2020-13308
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. A user without 2 factor authentication enabled could be prohibited from accessing GitLab by being invited into a project that had 2 factor authentication inheritance.
CVSS Score
2.7
EPSS Score
0.003
Published
2020-09-15


Products
Pricing
Contact Us

Shodan ® - All rights reserved