CVE-2020-13352

🗓️ 17 Nov 2020 00:36:27Reported by GitLabType

Private group info leaked in GitLab CE/EE v10.2+ moving project from private to public group

Reporter	Title	Published	Views	Family All 15
FreeBSD	Gitlab -- Multiple vulnerabilities	2 Nov 202000:00	–	freebsd
Circl	CVE-2020-13352	17 Nov 202007:38	–	circl
Cvelist	CVE-2020-13352	17 Nov 202000:36	–	cvelist
Debian CVE	CVE-2020-13352	17 Nov 202000:36	–	debiancve
EUVD	EUVD-2020-5612	7 Oct 202500:30	–	euvd
Tenable Nessus	FreeBSD : Gitlab -- Multiple vulnerabilities (174e466b-1d48-11eb-bd0f-001b217b3468)	3 Nov 202000:00	–	nessus
Tenable Nessus	GitLab 10.2 < 13.3.9 / 13.4 < 13.4.5 / 13.5 < 13.5.2 (CVE-2020-13352)	17 May 202400:00	–	nessus
NCSC	Vulnerabilities fixed in GitLab	17 Nov 202000:00	–	ncsc
NVD	CVE-2020-13352	17 Nov 202001:15	–	nvd
OSV	BIT-GITLAB-2020-13352	6 Mar 202411:21	–	osv

NVD

Vulners

Node

gitlab gitlabRange10.2.0–13.3.9community

gitlab gitlabRange10.2.0–13.3.9enterprise

gitlab gitlabRange13.4.0–13.4.5community

gitlab gitlabRange13.4.0–13.4.5enterprise

gitlab gitlabRange13.5.0–13.5.2community

gitlab gitlabRange13.5.0–13.5.2enterprise

[
  {
    "product": "GitLab CE/EE",
    "vendor": "GitLab",
    "versions": [
      {
        "status": "affected",
        "version": ">=10.2"
      },
      {
        "status": "affected",
        "version": "<13.3.9"
      },
      {
        "status": "affected",
        "version": ">=13.4"
      },
      {
        "status": "affected",
        "version": "<13.4.5"
      },
      {
        "status": "affected",
        "version": ">=13.5"
      },
      {
        "status": "affected",
        "version": "<13.5.2"
      }
    ]
  }
]

Source	Link
gitlab	www.gitlab.com/gitlab-org/gitlab/-/issues/38281
hackerone	www.hackerone.com/reports/748315
gitlab	www.gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13352.json

21 Nov 2024 05:01Current

5.2Medium risk

Vulners AI Score5.2

CVSS 25

CVSS 3.13.7 - 5.3

EPSS0.00237