CVEs affecting projects tracked on Release Alert, from NVD & OSV.
A XSS exists in Gitlab CE/EE < 12.1.10 in the Mermaid plugin.