Lucene search
GitLabCVELIST:CVE-2020-13298HistorySep 14, 2020 - 9:44 p.m.
CVE-2020-13298
2020-09-1421:44:42
GitLab
www.cve.org
6
gitlab
vulnerability
package upload
limited files disclosure
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
AI Score
6.8
Confidence
High
EPSS
0.002
Percentile
52.5%
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Conan package upload functionality was not properly validating the supplied parameters, which resulted in the limited files disclosure.
CNA Affected
[
{
"product": "GitLab",
"vendor": "GitLab",
"versions": [
{
"status": "affected",
"version": ">=13.3, <13.3.4"
},
{
"status": "affected",
"version": ">=13.2, <13.2.8"
},
{
"status": "affected",
"version": ">=13.1, <13.1.10"
}
]
}
]Related
nvd
nvd
CVE-2020-13298
2020-09-14 22:15:10
osv
osv
BIT-gitlab-2020-13298
2024-03-06 11:22:38
CVE-2020-13298
2020-09-14 22:15:10
ubuntucve
ubuntucve
CVE-2020-13298
2020-09-14 00:00:00
prion
prion
Information disclosure
2020-09-14 22:15:00
debiancve
debiancve
CVE-2020-13298
2020-09-14 22:15:10
cve
cve
CVE-2020-13298
2020-09-14 22:15:10
nessus
nessus
freebsd
freebsd
Gitlab -- multiple vulnerabilities
2020-09-02 00:00:00
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
AI Score
6.8
Confidence
High
EPSS
0.002
Percentile
52.5%
Related for CVELIST:CVE-2020-13298