Lucene search
GitLabCVELIST:CVE-2020-13357HistoryDec 11, 2020 - 3:55 a.m.
CVE-2020-13357
2020-12-1103:55:55
GitLab
www.cve.org
8
gitlab
unauthorized access
user list
feature flag
security issue
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
AI Score
4.6
Confidence
High
EPSS
0.001
Percentile
29.6%
An issue was discovered in Gitlab CE/EE versions >= 13.1 to <13.4.7, >= 13.5 to <13.5.5, and >= 13.6 to <13.6.2 allowed an unauthorized user to access the user list corresponding to a feature flag in a project.
CNA Affected
[
{
"product": "GitLab CE/EE",
"vendor": "GitLab",
"versions": [
{
"status": "affected",
"version": ">= 13.1 to <13.4.7"
},
{
"status": "affected",
"version": ">= 13.5 to <13.5.5"
},
{
"status": "affected",
"version": ">= 13.6 to <13.6.2"
}
]
}
]Related
debiancve
debiancve
CVE-2020-13357
2020-12-11 04:15:11
nvd
nvd
CVE-2020-13357
2020-12-11 04:15:11
nessus
nessus
GitLab 13.1 < 13.4.7 / 13.5 < 13.5.5 / 13.6 < 13.6.2 (CVE-2020-13357)
2024-05-17 00:00:00
osv
osv
BIT-gitlab-2020-13357
2024-03-06 11:21:28
CVE-2020-13357
2020-12-11 04:15:11
veracode
veracode
Unauthorized Access
2020-12-09 09:12:56
prion
prion
Design/Logic Flaw
2020-12-11 04:15:00
cve
cve
CVE-2020-13357
2020-12-11 04:15:11
ubuntucve
ubuntucve
CVE-2020-13357
2020-12-11 00:00:00
freebsd
freebsd
Gitlab -- Multiple vulnerabilities
2020-12-07 00:00:00
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
AI Score
4.6
Confidence
High
EPSS
0.001
Percentile
29.6%
Related for CVELIST:CVE-2020-13357