Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
High

CVE-2020-10535

Disclosure Date: March 12, 2020 (last updated October 06, 2023)
GitLab 12.8.x before 12.8.6, when sign-up is enabled, allows remote attackers to bypass email domain restrictions within the two-day grace period for an unconfirmed email address.
Attacker Value
Very High

CVE-2020-10977

Disclosure Date: April 08, 2020 (last updated October 06, 2023)
GitLab EE/CE 8.5 to 12.9 is vulnerable to a an path traversal when moving an issue between projects.