CVE-2020-10978
https://notcve.org/view.php?id=CVE-2020-10978
GitLab EE/CE 8.11 to 12.9 is leaking information on Issues opened in a public project and then moved to a private project through Web-UI and GraphQL API. • https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released https://about.gitlab.com/releases/categories/releases
CVE-2020-10980
https://notcve.org/view.php?id=CVE-2020-10980
GitLab EE/CE 8.0.rc1 to 12.9 is vulnerable to a blind SSRF in the FogBugz integration. • https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released https://about.gitlab.com/releases/categories/releases • CWE-918: Server-Side Request Forgery (SSRF)
CVE-2020-10981
https://notcve.org/view.php?id=CVE-2020-10981
GitLab EE/CE 9.0 to 12.9 allows a maintainer to modify other maintainers' pipeline trigger descriptions within the same project. • https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released https://about.gitlab.com/releases/categories/releases
CVE-2020-10952
https://notcve.org/view.php?id=CVE-2020-10952
GitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push docker images. • https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released https://about.gitlab.com/releases/categories/releases
CVE-2020-10954
https://notcve.org/view.php?id=CVE-2020-10954
GitLab through 12.9 is affected by a potential DoS in repository archive download. • https://about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released https://about.gitlab.com/releases/categories/releases • CWE-400: Uncontrolled Resource Consumption