GitLab Version Control Server and CI/CD Platform

stack.watch can notify you when security vulnerabilities are reported in GitLab. You can add multiple products that you use with GitLab to create your own personal software stack watcher.

By the Year

In 2020 there have been 184 vulnerabilities in GitLab with an average score of 6.2 out of ten. Last year GitLab had 164 security vulnerabilities published. That is, 20 more vulnerabilities have already been reported in 2020 than in all of last year. Last year, the average CVE base score was greater by 0.01.

Year Vulnerabilities Average Score
2020 184 6.22
2019 164 6.23
2018 33 7.06

It may take a day or so for new GitLab vulnerabilities to show up. Additionally, vulnerabilities may be tagged under a different product or component name.

Latest GitLab Security Vulnerabilities

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4

CVE-2020-13303 6.5 - Medium - September 15, 2020

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Due to improper verification of permissions, an unauthorized user can access a private repository within a public project.

CVE-2020-13303 can be exploited with network access and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. An exploit of this vulnerability is considered to have a high impact on confidentiality and no impact on integrity or availability.

AuthZ

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4

CVE-2020-13307 4.7 - Medium - September 15, 2020

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was not revoking current user sessions when two-factor authentication was activated, allowing a malicious user to maintain their access.

CVE-2020-13307 can be exploited with network access and requires user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.2 out of four. An exploit of this vulnerability is considered to have a low overall impact, with a small impact on confidentiality, integrity and availability.

Insufficient Session Expiration

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4

CVE-2020-13308 2.7 - Low - September 15, 2020

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. A user without 2 factor authentication enabled could be prohibited from accessing GitLab by being invited into a project that had 2 factor authentication inheritance.

CVE-2020-13308 is exploitable with network access and requires user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.2 out of four. An exploit of this vulnerability is considered to have no impact on confidentiality or integrity and a small impact on availability.

Improper Preservation of Permissions

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4

CVE-2020-13301 4.8 - Medium - September 14, 2020

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was vulnerable to a stored XSS on the standalone vulnerability page.

CVE-2020-13301 can be exploited with network access and requires user interaction and user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.7 out of four. An exploit of this vulnerability is considered to have a small impact on confidentiality and integrity and no impact on availability.

XSS

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4

CVE-2020-13306 7.5 - High - September 14, 2020

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab Webhook feature could be abused to perform denial of service attacks due to the lack of rate limitation.

CVE-2020-13306 is exploitable with network access and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). An exploit of this vulnerability is considered to have no impact on confidentiality or integrity and a high impact on availability.

Allocation of Resources Without Limits or Throttling

A vulnerability was discovered in GitLab runner versions before 13.1.3, 13.2.3 and 13.3.1

CVE-2020-13310 6.5 - Medium - September 14, 2020

A vulnerability was discovered in GitLab runner versions before 13.1.3, 13.2.3 and 13.3.1. It was possible to make the gitlab-runner process crash by sending malformed queries, resulting in a denial of service.

CVE-2020-13310 is exploitable with network access and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. An exploit of this vulnerability is considered to have no impact on confidentiality or integrity and a high impact on availability.

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4

CVE-2020-13297 5.4 - Medium - September 14, 2020

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. When 2 factor authentication was enabled for groups, a malicious user could bypass that restriction by sending a specific query to the API endpoint.

CVE-2020-13297 can be exploited with network access and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. An exploit of this vulnerability is considered to have a small impact on confidentiality and integrity and no impact on availability.

Authentication

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4

CVE-2020-13298 5.8 - Medium - September 14, 2020

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. The Conan package upload functionality was not properly validating the supplied parameters, which resulted in limited file disclosure.

CVE-2020-13298 is exploitable with network access and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). An exploit of this vulnerability is considered to have a small impact on confidentiality, integrity and availability.

Improper Input Validation

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4

CVE-2020-13304 7.2 - High - September 14, 2020

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. The same two-factor authentication secret code was generated, which allowed an attacker to maintain access under certain conditions.

CVE-2020-13304 is exploitable with network access and requires user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.2 out of four. An exploit of this vulnerability is considered to have a very high impact.

Authentication

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4

CVE-2020-13305 4.3 - Medium - September 14, 2020

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was not invalidating the project invitation link upon removing a user from a project.

CVE-2020-13305 can be exploited with network access and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. An exploit of this vulnerability is considered to have a small impact on confidentiality, integrity and availability.

Insufficient Session Expiration

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4

CVE-2020-13302 7.2 - High - September 14, 2020

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Under certain conditions GitLab was not properly revoking user sessions and allowed a malicious user to access a user account with an old password.

CVE-2020-13302 is exploitable with network access and requires user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.2 out of four. An exploit of this vulnerability is considered to have a very high impact.

Insufficient Session Expiration

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4

CVE-2020-13309 8.8 - High - September 14, 2020

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was vulnerable to a blind SSRF attack through the repository mirroring feature.

CVE-2020-13309 can be exploited with network access and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. An exploit of this vulnerability is considered to have a very high impact.

XSPA

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4

CVE-2020-13315 7.5 - High - September 14, 2020

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. The profile activity page was not restricting the amount of results one could request, potentially resulting in a denial of service.

CVE-2020-13315 can be exploited with network access and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). An exploit of this vulnerability is considered to have no impact on confidentiality or integrity and a high impact on availability.

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4

CVE-2020-13314 5.3 - Medium - September 14, 2020

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab Omniauth endpoint allowed a malicious user to submit content to be displayed back to the user within error messages.

CVE-2020-13314 is exploitable with network access and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). An exploit of this vulnerability is considered to have no impact on confidentiality, integrity or availability.

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4

CVE-2020-13311 4.3 - Medium - September 14, 2020

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Wiki was vulnerable to a parser attack that prohibits anyone from accessing the Wiki functionality through the user interface.

CVE-2020-13311 can be exploited with network access and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. An exploit of this vulnerability is considered to have no impact on confidentiality or integrity and a small impact on availability.

Downstream Injection

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4

CVE-2020-13312 9.8 - Critical - September 14, 2020

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab OAuth endpoint was vulnerable to brute-force attacks through a specific parameter.

CVE-2020-13312 is exploitable with network access and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). An exploit of this vulnerability is considered critical, as it has a high impact on the confidentiality, integrity and availability of this component.

Insufficiently Protected Credentials

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4

CVE-2020-13313 4.3 - Medium - September 14, 2020

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. An unauthorized project maintainer could edit the subgroup badges due to the lack of authorization control.

CVE-2020-13313 can be exploited with network access and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. An exploit of this vulnerability is considered to have no impact on confidentiality, integrity or availability.

AuthZ

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8, and 13.3.4

CVE-2020-13317 4.9 - Medium - September 14, 2020

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8, and 13.3.4. An insufficient check in the GraphQL API allowed a maintainer to delete a repository.

CVE-2020-13317 can be exploited with network access and requires user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.2 out of four. An exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity and no impact on availability.

Improper Input Validation

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4

CVE-2020-13284 6.5 - Medium - September 14, 2020

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. API Authorization Using Outdated CI Job Token

CVE-2020-13284 is exploitable with network access and requires user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.2 out of four. An exploit of this vulnerability is considered to have a high impact on confidentiality and integrity and no impact on availability.

AuthZ

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4

CVE-2020-13287 4.3 - Medium - September 14, 2020

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Project reporters and above could see confidential epics attached to confidential issues.

CVE-2020-13287 can be exploited with network access and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. An exploit of this vulnerability is considered to have a small impact on confidentiality, integrity and availability.

GitLab before version 13.3.4 was vulnerable to an OAuth authorization scope change without user consent in the middle of the authorization flow.

CVE-2020-13300 10 - Critical - September 14, 2020

GitLab before version 13.3.4 was vulnerable to an OAuth authorization scope change without user consent in the middle of the authorization flow.

CVE-2020-13300 is exploitable with network access and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). An exploit of this vulnerability is considered to have a high impact on confidentiality and integrity and no impact on availability.

AuthZ

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4

CVE-2020-13316 4.3 - Medium - September 14, 2020

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was not validating a Deploy-Token and allowed a disabled repository to be accessible via the git command line.

CVE-2020-13316 is exploitable with network access and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. An exploit of this vulnerability is considered to have a small impact on confidentiality, integrity and availability.

AuthZ

A vulnerability was discovered in GitLab versions before 13.0.12, 13.1.10, 13.2.8 and 13.3.4

CVE-2020-13318 7.3 - High - September 14, 2020

A vulnerability was discovered in GitLab versions before 13.0.12, 13.1.10, 13.2.8 and 13.3.4. GitLab's EKS integration was vulnerable to a cross-account assume-role attack.

CVE-2020-13318 is exploitable with network access and requires user interaction and a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.1 out of four. An exploit of this vulnerability is considered to have a high impact on confidentiality and integrity and no impact on availability.

AuthZ

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4

CVE-2020-13289 5.4 - Medium - September 14, 2020

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. In certain cases an invalid username could be accepted when 2FA is activated.

CVE-2020-13289 can be exploited with network access and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. An exploit of this vulnerability is considered to have a small impact on confidentiality and integrity and no impact on availability.

Missing Authentication for Critical Function

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4

CVE-2020-13299 8.1 - High - September 14, 2020

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. The revocation feature was not revoking all session tokens and one could re-use it to obtain a valid session.

CVE-2020-13299 can be exploited with network access and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. An exploit of this vulnerability is considered to have a high impact on confidentiality and integrity and no impact on availability.

Insufficient Session Expiration

For GitLab before 13.0.12

CVE-2020-13281 6.5 - Medium - August 13, 2020

For GitLab before 13.0.12, 13.1.6, 13.2.3 a denial of service exists in the project import feature.

CVE-2020-13281 can be exploited with network access and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. An exploit of this vulnerability is considered to have no impact on confidentiality or integrity and a high impact on availability.

Improper Input Validation

For GitLab before 13.0.12, 13.1.6, 13.2.3 user controlled git configuration settings

CVE-2020-13286 4.3 - Medium - August 13, 2020

For GitLab before 13.0.12, 13.1.6, 13.2.3 user controlled git configuration settings can be modified to result in Server Side Request Forgery.

CVE-2020-13286 is exploitable with network access and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. An exploit of this vulnerability is considered to have no impact on confidentiality, integrity or availability.

XSPA

For GitLab before 13.0.12, 13.1.6, 13.2.3 a cross-site scripting vulnerability exists in the issues list

CVE-2020-13283 5.4 - Medium - August 13, 2020

For GitLab before 13.0.12, 13.1.6, 13.2.3 a cross-site scripting vulnerability exists in the issues list via milestone title.

CVE-2020-13283 can be exploited with network access and requires user interaction and a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.3 out of four. An exploit of this vulnerability is considered to have a small impact on confidentiality and integrity and no impact on availability.

XSS

For GitLab before 13.0.12

CVE-2020-13285 5.4 - Medium - August 13, 2020

For GitLab before 13.0.12, 13.1.6, 13.2.3 a cross-site scripting vulnerability exists in the issue reference number tooltip.

CVE-2020-13285 can be exploited with network access and requires user interaction and a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.3 out of four. An exploit of this vulnerability is considered to have a small impact on confidentiality and integrity and no impact on availability.

XSS

For GitLab before 13.0.12

CVE-2020-13280 6.5 - Medium - August 13, 2020

For GitLab before 13.0.12, 13.1.6, 13.2.3 a memory exhaustion flaw exists due to excessive logging of an invite email error message.

CVE-2020-13280 is exploitable with network access and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. An exploit of this vulnerability is considered to have no impact on confidentiality or integrity and a high impact on availability.

Uncontrolled Resource Consumption ('Resource Exhaustion')

For GitLab before 13.0.12, 13.1.6, 13.2.3 after a group transfer occurs, members

CVE-2020-13282 3.5 - Low - August 13, 2020

For GitLab before 13.0.12, 13.1.6, 13.2.3 after a group transfer occurs, members from a parent group keep their access level on the subgroup leading to improper access.

CVE-2020-13282 is exploitable with network access and requires user interaction and user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 0.9 out of four. An exploit of this vulnerability is considered to have a small impact on confidentiality and integrity and no impact on availability.

Improper Preservation of Permissions

In GitLab before 13.0.12

CVE-2020-13288 4.8 - Medium - August 12, 2020

In GitLab before 13.0.12, 13.1.6, and 13.2.3, a stored XSS vulnerability exists in the CI/CD Jobs page.

CVE-2020-13288 is exploitable with network access and requires user interaction and user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.7 out of four. An exploit of this vulnerability is considered to have a small impact on confidentiality and integrity and no impact on availability.

XSS

In GitLab before 13.2.3, project sharing could temporarily

CVE-2020-13291 8.1 - High - August 12, 2020

In GitLab before 13.2.3, project sharing could temporarily allow too permissive access.

CVE-2020-13291 can be exploited with network access and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. An exploit of this vulnerability is considered to have a high impact on confidentiality and integrity and no impact on availability.

In GitLab before 13.0.12

CVE-2020-13290 7.2 - High - August 12, 2020

In GitLab before 13.0.12, 13.1.6, and 13.2.3, improper access control was used on the Applications page.

CVE-2020-13290 is exploitable with network access and requires user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.2 out of four. An exploit of this vulnerability is considered to have a very high impact.

In GitLab before 13.0.12, 13.1.6 and 13.2.3, it is possible to bypass E-mail verification

CVE-2020-13292 9.6 - Critical - August 10, 2020

In GitLab before 13.0.12, 13.1.6 and 13.2.3, it is possible to bypass E-mail verification which is required for OAuth Flow.

CVE-2020-13292 is exploitable with network access and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 3.1 out of four. An exploit of this vulnerability is considered to have a high impact on confidentiality and integrity and no impact on availability.

Authentication

In GitLab before 13.0.12

CVE-2020-13293 7.1 - High - August 10, 2020

In GitLab before 13.0.12, 13.1.6 and 13.2.3 using a branch with a hexadecimal name could override an existing hash.

CVE-2020-13293 can be exploited with network access and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. An exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity and a small impact on availability.

Incorrect Type Conversion or Cast

In GitLab before 13.0.12

CVE-2020-13294 5.4 - Medium - August 10, 2020

In GitLab before 13.0.12, 13.1.6 and 13.2.3, access grants were not revoked when a user revoked access to an application.

CVE-2020-13294 is exploitable with network access and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. An exploit of this vulnerability is considered to have a small impact on confidentiality and integrity and no impact on availability.

GitLab EE 11.3 through 13.1.2 has Incorrect Access Control

CVE-2020-15525 5.3 - Medium - July 07, 2020

GitLab EE 11.3 through 13.1.2 has Incorrect Access Control because of the Maven package upload endpoint.

CVE-2020-15525 can be exploited with network access and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). An exploit of this vulnerability is considered to have a small impact on confidentiality, integrity and availability.

Improper Privilege Management

Kubernetes cluster token disclosure in GitLab CE/EE 10.3 and later through 13.0.1

CVE-2020-13264 5.3 - Medium - June 19, 2020

Kubernetes cluster token disclosure in GitLab CE/EE 10.3 and later through 13.0.1 allows other group maintainers to view the Kubernetes cluster token.

CVE-2020-13264 is exploitable with network access and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). An exploit of this vulnerability is considered to have a small impact on confidentiality, integrity and availability.

Information Leak

An authorization issue relating to project maintainer impersonation was identified in GitLab EE 9.5 and later through 13.0.1

CVE-2020-13263 8.8 - High - June 19, 2020

An authorization issue relating to project maintainer impersonation was identified in GitLab EE 9.5 and later through 13.0.1 that could allow unauthorized users to impersonate a maintainer to perform limited actions.

CVE-2020-13263 can be exploited with network access and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. An exploit of this vulnerability is considered to have a very high impact.

AuthZ

Amazon EKS credentials disclosure in GitLab CE/EE 12.6 and later through 13.0.1

CVE-2020-13261 2.7 - Low - June 19, 2020

Amazon EKS credentials disclosure in GitLab CE/EE 12.6 and later through 13.0.1 allows other administrators to view Amazon EKS credentials via the HTML source code.

CVE-2020-13261 can be exploited with network access and requires user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.2 out of four. An exploit of this vulnerability is considered to have a small impact on confidentiality, integrity and availability.

Insufficiently Protected Credentials

Client-Side code injection through Mermaid markup in GitLab CE/EE 12.9 and later through 13.0.1

CVE-2020-13262 6.1 - Medium - June 19, 2020

Client-side code injection through Mermaid markup in GitLab CE/EE 12.9 and later through 13.0.1 allows a specially crafted Mermaid payload to issue PUT requests on behalf of other users when they click on a link.

CVE-2020-13262 is exploitable with network access and requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. An exploit of this vulnerability is considered to have a small impact on confidentiality and integrity and no impact on availability.

XSS

User email verification bypass in GitLab CE/EE 12.5 and later through 13.0.1

CVE-2020-13265 5.3 - Medium - June 19, 2020

User email verification bypass in GitLab CE/EE 12.5 and later through 13.0.1 allows a user to bypass email verification.

CVE-2020-13265 can be exploited with network access and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). An exploit of this vulnerability is considered to have no impact on confidentiality, integrity or availability.

Insufficient Verification of Data Authenticity

Missing verification checks in the OAuth flow in GitLab CE/EE 12.3 and later through 13.0.1

CVE-2020-13272 8.8 - High - June 19, 2020

Missing verification checks in the OAuth flow in GitLab CE/EE 12.3 and later through 13.0.1 allow an unverified user to use the OAuth authorization code flow.

CVE-2020-13272 is exploitable with network access and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. An exploit of this vulnerability is considered to have a very high impact.

AuthZ

A Denial of Service vulnerability

CVE-2020-13273 7.5 - High - June 19, 2020

A denial of service vulnerability allowed exhausting the system resources in GitLab CE/EE 12.0 and later through 13.0.1.

CVE-2020-13273 can be exploited with network access and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). An exploit of this vulnerability is considered to have no impact on confidentiality or integrity and a high impact on availability.

Uncontrolled Resource Consumption ('Resource Exhaustion')

A user with an unverified email address could request access to domain-restricted groups in GitLab EE 12.2 and later through 13.0.1

CVE-2020-13275 8.1 - High - June 19, 2020

A user with an unverified email address could request access to domain-restricted groups in GitLab EE 12.2 and later through 13.0.1.

CVE-2020-13275 can be exploited with network access and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. An exploit of this vulnerability is considered to have a high impact on confidentiality and integrity and no impact on availability.

AuthZ

A user is allowed to set an email as a notification email even without verifying the new email in all previous GitLab CE/EE versions through 13.0.1

CVE-2020-13276 4.3 - Medium - June 19, 2020

A user is allowed to set an email as a notification email even without verifying the new email in all previous GitLab CE/EE versions through 13.0.1

CVE-2020-13276 is exploitable with network access, and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, integrity, or availability.

AuthZ

A security issue allowed achieving Denial of Service attacks through memory exhaustion by uploading malicious artifacts in all previous GitLab versions through 13.0.1

CVE-2020-13274 7.5 - High - June 19, 2020

A security issue allowed achieving Denial of Service attacks through memory exhaustion by uploading malicious artifacts in all previous GitLab versions through 13.0.1

CVE-2020-13274 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Uncontrolled Resource Consumption ('Resource Exhaustion')

An authorization issue in the mirroring logic

CVE-2020-13277 6.5 - Medium - June 19, 2020

An authorization issue in the mirroring logic allowed read access to private repositories in GitLab CE/EE 10.6 and later through 13.0.5

CVE-2020-13277 can be exploited with network access, and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

AuthZ

A Stored Cross-Site Scripting vulnerability

CVE-2020-13267 6.1 - Medium - June 10, 2020

A Stored Cross-Site Scripting vulnerability allowed the execution of JavaScript payloads on the Metrics Dashboard in GitLab CE/EE 12.8 and later through 13.0.1

CVE-2020-13267 can be exploited with network access and requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality and integrity, and no impact on availability.

XSS

A Reflected Cross-Site Scripting vulnerability

CVE-2020-13269 6.1 - Medium - June 10, 2020

A Reflected Cross-Site Scripting vulnerability allowed the execution of arbitrary JavaScript code on the Static Site Editor in GitLab CE/EE 12.10 and later through 13.0.1

CVE-2020-13269 can be exploited with network access and requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality and integrity, and no impact on availability.

XSS

A Stored Cross-Site Scripting vulnerability

CVE-2020-13271 6.1 - Medium - June 10, 2020

A Stored Cross-Site Scripting vulnerability allowed the execution of arbitrary JavaScript code in the blobs API in all previous GitLab CE/EE versions through 13.0.1

CVE-2020-13271 can be exploited with network access and requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality and integrity, and no impact on availability.

XSS

A specially crafted request could be used to confirm the existence of files hosted on object storage services

CVE-2020-13268 5.3 - Medium - June 10, 2020

A specially crafted request could be used to confirm the existence of files hosted on object storage services, without disclosing their contents. This vulnerability affects GitLab CE/EE 12.10 and later through 13.0.1

CVE-2020-13268 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity and availability.

Improper Input Validation

Missing permission check on fork relation creation in GitLab CE/EE 11.3 and later through 13.0.1

CVE-2020-13270 8.8 - High - June 10, 2020

Missing permission check on fork relation creation in GitLab CE/EE 11.3 and later through 13.0.1 allows guest users to create a fork relation on restricted public projects via API

CVE-2020-13270 is exploitable with network access, and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Incorrect Default Permissions

Insecure authorization in Project Deploy Keys in GitLab CE/EE 12.8 and later through 13.0.1

CVE-2020-13266 4.3 - Medium - June 09, 2020

Insecure authorization in Project Deploy Keys in GitLab CE/EE 12.8 and later through 13.0.1 allows users to update permissions of other users' deploy keys under certain conditions

CVE-2020-13266 is exploitable with network access, and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, integrity, or availability.

AuthZ

GitLab EE 12.8 and later

CVE-2020-12448 5.3 - Medium - May 07, 2020

GitLab EE 12.8 and later allows Exposure of Sensitive Information to an Unauthorized Actor via NuGet.

CVE-2020-12448 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity and availability.

Directory traversal

GitLab 12.6 through 12.9 is vulnerable to a privilege escalation

CVE-2020-12275 5.3 - Medium - April 29, 2020

GitLab 12.6 through 12.9 is vulnerable to a privilege escalation that allows an external user to create a personal snippet through the API.

CVE-2020-12275 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, integrity, or availability.

Improper Privilege Management

GitLab 9.5.9 through 12.9 is vulnerable to stored XSS in an admin notification feature.

CVE-2020-12276 4.8 - Medium - April 29, 2020

GitLab 9.5.9 through 12.9 is vulnerable to stored XSS in an admin notification feature.

CVE-2020-12276 is exploitable with network access, and requires user interaction and user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.7 out of four. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality and integrity, and no impact on availability.

XSS

GitLab 10.8 through 12.9 has a vulnerability

CVE-2020-12277 5.3 - Medium - April 29, 2020

GitLab 10.8 through 12.9 has a vulnerability that allows someone to mirror a repository even if the feature is not activated.

CVE-2020-12277 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, integrity, or availability.

Incorrect Default Permissions

An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) before 12.7.9

CVE-2020-11505 7.5 - High - April 22, 2020

An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) before 12.7.9, 12.8.x before 12.8.9, and 12.9.x before 12.9.3. A Workhorse bypass could lead to NuGet package and file disclosure (Exposure of Sensitive Information) via request smuggling.

CVE-2020-11505 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Information Leak

An issue was discovered in GitLab 10.7.0 and later through 12.9.2

CVE-2020-11506 7.5 - High - April 22, 2020

An issue was discovered in GitLab 10.7.0 and later through 12.9.2. A Workhorse bypass could lead to job artifact uploads and file disclosure (Exposure of Sensitive Information) via request smuggling.

CVE-2020-11506 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Information Leak

An issue was discovered in GitLab CE and EE 8.15 through 12.9.2

CVE-2020-11649 6.5 - Medium - April 22, 2020

An issue was discovered in GitLab CE and EE 8.15 through 12.9.2. Members of a group could still have access after the group is deleted.

CVE-2020-11649 can be exploited with network access, and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Missing Authentication for Critical Function

GitLab EE/CE 10.8 to 12.9 is leaking metadata and comments on vulnerabilities to unauthorized users on the vulnerability feedback page.

CVE-2020-10975 4.3 - Medium - April 08, 2020

GitLab EE/CE 10.8 to 12.9 is leaking metadata and comments on vulnerabilities to unauthorized users on the vulnerability feedback page.

CVE-2020-10975 can be exploited with network access, and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity and availability.

Information Leak

GitLab EE/CE 8.17 to 12.9 is vulnerable to information leakage when querying a merge request widget.

CVE-2020-10976 7.5 - High - April 08, 2020

GitLab EE/CE 8.17 to 12.9 is vulnerable to information leakage when querying a merge request widget.

CVE-2020-10976 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Information Leak

GitLab EE/CE 8.5 to 12.9 is vulnerable to a path traversal when moving an issue between projects.

CVE-2020-10977 5.5 - Medium - April 08, 2020

GitLab EE/CE 8.5 to 12.9 is vulnerable to a path traversal when moving an issue between projects.

CVE-2020-10977 can be exploited with local system access, and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Directory traversal

GitLab EE/CE 8.11 to 12.9 is leaking information on Issues opened in a public project and then moved to a private project through Web-UI and GraphQL API.

CVE-2020-10978 5.3 - Medium - April 08, 2020

GitLab EE/CE 8.11 to 12.9 is leaking information on Issues opened in a public project and then moved to a private project through Web-UI and GraphQL API.

CVE-2020-10978 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity and availability.

Information Leak

GitLab EE/CE 11.10 to 12.9 is leaking information on restricted CI pipelines metrics to unauthorized users.

CVE-2020-10979 4.3 - Medium - April 08, 2020

GitLab EE/CE 11.10 to 12.9 is leaking information on restricted CI pipelines metrics to unauthorized users.

CVE-2020-10979 can be exploited with network access, and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity and availability.

Information Leak

GitLab EE/CE 8.0.rc1 to 12.9 is vulnerable to a blind SSRF in the FogBugz integration.

CVE-2020-10980 9.8 - Critical - April 08, 2020

GitLab EE/CE 8.0.rc1 to 12.9 is vulnerable to a blind SSRF in the FogBugz integration.

CVE-2020-10980 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical, as this vulnerability has a high impact on the confidentiality, integrity and availability of this component.

XSPA

GitLab EE/CE 9.0 to 12.9

CVE-2020-10981 4.3 - Medium - April 08, 2020

GitLab EE/CE 9.0 to 12.9 allows a maintainer to modify other maintainers' pipeline trigger descriptions within the same project.

CVE-2020-10981 can be exploited with network access, and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, integrity, or availability.

Improper Input Validation

GitLab EE/CE 8.11 through 12.9.1

CVE-2020-10952 6.5 - Medium - March 27, 2020

GitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push docker images.

CVE-2020-10952 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality and integrity, and no impact on availability.

AuthZ

GitLab through 12.9 is affected by a potential DoS in repository archive download.

CVE-2020-10954 7.5 - High - March 27, 2020

GitLab through 12.9 is affected by a potential DoS in repository archive download.

CVE-2020-10954 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Uncontrolled Resource Consumption ('Resource Exhaustion')

GitLab 8.10 and later through 12.9 is vulnerable to an SSRF in a project import note feature.

CVE-2020-10956 9.8 - Critical - March 27, 2020

GitLab 8.10 and later through 12.9 is vulnerable to an SSRF in a project import note feature.

CVE-2020-10956 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical, as this vulnerability has a high impact on the confidentiality, integrity and availability of this component.

XSPA

GitLab EE/CE 11.1 through 12.9 is vulnerable to parameter tampering on an upload feature

CVE-2020-10955 6.5 - Medium - March 27, 2020

GitLab EE/CE 11.1 through 12.9 is vulnerable to parameter tampering on an upload feature that allows an unauthorized user to read content available under specific folders.

CVE-2020-10955 can be exploited with network access, and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Information Leak

In GitLab EE 11.7 through 12.9

CVE-2020-10953 7.5 - High - March 27, 2020

In GitLab EE 11.7 through 12.9, the NPM feature is vulnerable to a path traversal issue.

CVE-2020-10953 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Directory traversal

GitLab 10.1 through 12.8.1 has Incorrect Access Control

CVE-2020-10074 9.8 - Critical - March 13, 2020

GitLab 10.1 through 12.8.1 has Incorrect Access Control. A scenario was discovered in which a GitLab account could be taken over through an expired link.

CVE-2020-10074 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical, as this vulnerability has a high impact on the confidentiality, integrity and availability of this component.

GitLab 12.5 through 12.8.1 allows HTML Injection

CVE-2020-10075 6.1 - Medium - March 13, 2020

GitLab 12.5 through 12.8.1 allows HTML Injection. A particular error header was potentially susceptible to injection or potentially other vulnerabilities via unescaped input.

CVE-2020-10075 can be exploited with network access and requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality and integrity, and no impact on availability.

Downstream Injection

GitLab 12.1 through 12.8.1 allows XSS

CVE-2020-10076 6.1 - Medium - March 13, 2020

GitLab 12.1 through 12.8.1 allows XSS. A stored cross-site scripting vulnerability was discovered when displaying merge requests.

CVE-2020-10076 is exploitable with network access and requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality and integrity, and no impact on availability.

XSS

GitLab EE 12.4.2 through 12.8.1 allows Denial of Service

CVE-2020-10073 7.5 - High - March 13, 2020

GitLab EE 12.4.2 through 12.8.1 allows Denial of Service. It was internally discovered that a potential denial of service involving permissions checks could impact a project home page.

CVE-2020-10073 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

AuthZ

GitLab EE 3.0 through 12.8.1 allows SSRF

CVE-2020-10077 9.8 - Critical - March 13, 2020

GitLab EE 3.0 through 12.8.1 allows SSRF. An internal investigation revealed that a particular deprecated service was creating a server side request forgery risk.

CVE-2020-10077 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical, as this vulnerability has a high impact on the confidentiality, integrity and availability of this component.

XSPA

GitLab 12.1 through 12.8.1 allows XSS

CVE-2020-10078 6.1 - Medium - March 13, 2020

GitLab 12.1 through 12.8.1 allows XSS. The merge request submission form was determined to have a stored cross-site scripting vulnerability.

CVE-2020-10078 is exploitable with network access and requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality and integrity, and no impact on availability.

XSS

GitLab 7.10 through 12.8.1 has Incorrect Access Control

CVE-2020-10079 5.3 - Medium - March 13, 2020

GitLab 7.10 through 12.8.1 has Incorrect Access Control. Under certain conditions where users should have been required to configure two-factor authentication, it was not being required.

CVE-2020-10079 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, integrity, or availability.

Missing Authentication for Critical Function

GitLab 8.3 through 12.8.1 allows Information Disclosure

CVE-2020-10080 5.3 - Medium - March 13, 2020

GitLab 8.3 through 12.8.1 allows Information Disclosure. It was possible for certain non-members to access the Contribution Analytics page of a private group.

CVE-2020-10080 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity and availability.

Information Leak

GitLab before 12.8.2 has Incorrect Access Control

CVE-2020-10081 6.5 - Medium - March 13, 2020

GitLab before 12.8.2 has Incorrect Access Control. It was internally discovered that the LFS import process could potentially be used to incorrectly access LFS objects not owned by the user.

CVE-2020-10081 can be exploited with network access, and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

AuthZ

GitLab 12.2 through 12.8.1 allows Denial of Service

CVE-2020-10082 5.3 - Medium - March 13, 2020

GitLab 12.2 through 12.8.1 allows Denial of Service. A denial of service vulnerability impacting the designs for public issues was discovered.

CVE-2020-10082 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a small impact on availability.

GitLab 12.7 through 12.8.1 has Insecure Permissions

CVE-2020-10083 9.1 - Critical - March 13, 2020

GitLab 12.7 through 12.8.1 has Insecure Permissions. Under certain conditions involving groups, project authorization changes were not being applied.

CVE-2020-10083 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality and integrity, and no impact on availability.

Improper Preservation of Permissions

GitLab 12.3.5 through 12.8.1 allows Information Disclosure

CVE-2020-10085 5.3 - Medium - March 13, 2020

GitLab 12.3.5 through 12.8.1 allows Information Disclosure. A particular view was exposing private merge request titles.

CVE-2020-10085 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity and availability.

Information Leak

GitLab 10.4 through 12.8.1 allows Directory Traversal

CVE-2020-10086 5.3 - Medium - March 13, 2020

GitLab 10.4 through 12.8.1 allows Directory Traversal. A particular endpoint was vulnerable to a directory traversal vulnerability, leading to arbitrary file read.

CVE-2020-10086 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity and availability.

Directory traversal

GitLab before 12.8.2 allows Information Disclosure

CVE-2020-10087 7.5 - High - March 13, 2020

GitLab before 12.8.2 allows Information Disclosure. Badge images were not being proxied, causing mixed content warnings as well as leaking the IP address of the user.

CVE-2020-10087 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Information Leak

GitLab 12.5 through 12.8.1 has Insecure Permissions

CVE-2020-10088 8.1 - High - March 13, 2020

GitLab 12.5 through 12.8.1 has Insecure Permissions. Depending on particular group settings, it was possible for invited groups to be given the incorrect permission level.

CVE-2020-10088 is exploitable with network access, and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality and integrity, and no impact on availability.

Incorrect Permission Assignment for Critical Resource

GitLab 8.11 through 12.8.1

CVE-2020-10089 7.5 - High - March 13, 2020

GitLab 8.11 through 12.8.1 allows a Denial of Service when using several features to recursively request each other.

CVE-2020-10089 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Stack Exhaustion

GitLab 11.7 through 12.8.1 allows Information Disclosure

CVE-2020-10090 5.3 - Medium - March 13, 2020

GitLab 11.7 through 12.8.1 allows Information Disclosure. Under certain group conditions, group epic information was unintentionally being disclosed.

CVE-2020-10090 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity and availability.

Information Leak

GitLab 9.3 through 12.8.1 allows XSS

CVE-2020-10091 6.1 - Medium - March 13, 2020

GitLab 9.3 through 12.8.1 allows XSS. A cross-site scripting vulnerability was found when viewing particular file types.

CVE-2020-10091 can be exploited with network access and requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality and integrity, and no impact on availability.

XSS

GitLab 12.1 through 12.8.1 allows XSS

CVE-2020-10092 6.1 - Medium - March 13, 2020

GitLab 12.1 through 12.8.1 allows XSS. A cross-site scripting vulnerability was present in a particular view relating to the Grafana integration.

CVE-2020-10092 is exploitable with network access and requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality and integrity, and no impact on availability.

XSS

GitLab EE 11.6 through 12.8.1 allows Information Disclosure

CVE-2020-10084 5.3 - Medium - March 13, 2020

GitLab EE 11.6 through 12.8.1 allows Information Disclosure. Sending a specially crafted request to the vulnerability_feedback endpoint could result in the exposure of a private project namespace

CVE-2020-10084 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, a small impact on integrity and availability.

Information Leak

GitLab 12.8.x before 12.8.6, when sign-up is enabled

CVE-2020-10535 5.3 - Medium - March 12, 2020

GitLab 12.8.x before 12.8.6, when sign-up is enabled, allows remote attackers to bypass email domain restrictions within the two-day grace period for an unconfirmed email address.

CVE-2020-10535 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, no impact on integrity, and no impact on availability.

An issue was discovered in GitLab Community and Enterprise Edition 11.11 through 12.0.2

CVE-2019-13007 4.9 - Medium - March 10, 2020

An issue was discovered in GitLab Community and Enterprise Edition 11.11 through 12.0.2. When an admin enabled one of the service templates, it triggered an action that led to resource depletion. It allows Uncontrolled Resource Consumption.

CVE-2019-13007 can be exploited with network access, and requires user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.2 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Uncontrolled Resource Consumption ('Resource Exhaustion')

An issue was discovered in GitLab Community and Enterprise Edition 9.2 through 12.0.2

CVE-2019-13009 6.5 - Medium - March 10, 2020

An issue was discovered in GitLab Community and Enterprise Edition 9.2 through 12.0.2. Uploaded files associated with unsaved personal snippets were accessible to unauthorized users due to improper permission settings. It has Incorrect Access Control.

CVE-2019-13009 can be exploited with network access, and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Incorrect Permission Assignment for Critical Resource

An issue was discovered in GitLab Enterprise Edition 10.6 through 12.0.2

CVE-2019-13121 7.5 - High - March 10, 2020

An issue was discovered in GitLab Enterprise Edition 10.6 through 12.0.2. The GitHub project integration contained an SSRF vulnerability which allowed an attacker to make requests to local network resources. It has Incorrect Access Control.

CVE-2019-13121 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity, and no impact on availability.

XSPA

An issue was discovered in GitLab Enterprise Edition 8.3 through 12.0.2

CVE-2019-13010 5.9 - Medium - March 10, 2020

An issue was discovered in GitLab Enterprise Edition 8.3 through 12.0.2. The color codes decoder was vulnerable to a resource depletion attack if specific formats were used. It allows Uncontrolled Resource Consumption.

CVE-2019-13010 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a high level of attack complexity. It has an exploitability score of 2.2 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

An issue was discovered in GitLab Enterprise Edition 8.11.0 through 12.0.2

CVE-2019-13011 4.3 - Medium - March 10, 2020

An issue was discovered in GitLab Enterprise Edition 8.11.0 through 12.0.2. By using brute force, a user with access to a project, but not its repository, could create a list of merge request template names. It has excessive algorithmic complexity.

CVE-2019-13011 can be exploited with network access, and requires a small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a small impact on confidentiality, and a small impact on integrity and availability.

Uncontrolled Resource Consumption ('Resource Exhaustion')