Shodan
Vulnerabilities
Vulnerable Software
Gitlab:  >> Gitlab  Security Vulnerabilities
CVE-2020-13311
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Wiki was vulnerable to a parser attack that prohibits anyone from accessing the Wiki functionality through the user interface.
CVSS Score
4.3
EPSS Score
0.002
Published
2020-09-14
CVE-2020-13312
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab OAuth endpoint was vulnerable to brute-force attacks through a specific parameter.
CVSS Score
6.5
EPSS Score
0.001
Published
2020-09-14
CVE-2020-13313
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. An unauthorized project maintainer could edit the subgroup badges due to the lack of authorization control.
CVSS Score
4.3
EPSS Score
0.002
Published
2020-09-14
CVE-2020-13314
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab Omniauth endpoint allowed a malicious user to submit content to be displayed back to the user within error messages.
CVSS Score
3.7
EPSS Score
0.003
Published
2020-09-14
CVE-2020-13317
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8, and 13.3.4. An insufficient check in the GraphQL api allowed a maintainer to delete a repository.
CVSS Score
6.5
EPSS Score
0.002
Published
2020-09-14
CVE-2020-13316
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was not validating a Deploy-Token and allowed a disabled repository be accessible via a git command line.
CVSS Score
5.4
EPSS Score
0.003
Published
2020-09-14
CVE-2020-13318
A vulnerability was discovered in GitLab versions before 13.0.12, 13.1.10, 13.2.8 and 13.3.4. GitLabs EKS integration was vulnerable to a cross-account assume role attack.
CVSS Score
6.4
EPSS Score
0.001
Published
2020-09-14
CVE-2020-13284
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. API Authorization Using Outdated CI Job Token
CVSS Score
6.5
EPSS Score
0.002
Published
2020-09-14
CVE-2020-13287
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Project reporters and above could see confidential EPIC attached to confidential issues
CVSS Score
4.3
EPSS Score
0.003
Published
2020-09-14
CVE-2020-13289
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. In certain cases an invalid username could be accepted when 2FA is activated.
CVSS Score
5.4
EPSS Score
0.002
Published
2020-09-14


Products
Pricing
Contact Us

Shodan ® - All rights reserved