Every CVE whose affected-product data names Google Gerrit, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2021-22553 — CVSS 6.5 (medium): Any git operation is passed through Jetty and a session is created. No expiry is set for the session and Jetty does not automatically…
CVE-2026-2725 — CVSS 5.3 (medium): Incorrect authorization in the "submitted together" feature in Gerrit versions 2.12 and later allows an authenticated attacker with force…
CVE-2020-8919 — CVSS 3.5 (low): An information leak vulnerability exists in Gerrit versions prior to 2.15.21, 2.16.25, 3.0.15, 3.1.10, 3.2.5 where a missing access check…
CVE-2020-8920 — CVSS 3.5 (low): An information leak vulnerability exists in Gerrit versions prior to 2.14.22, 2.15.21, 2.16.25, 3.0.15, 3.1.10, 3.2.5 where an…