Privilege escalation

2020-04-2917:15:00

PRIOn knowledge base

www.prio-n.com

0.001 Low

EPSS

Percentile

35.9%

JSON

GitLab 12.6 through 12.9 is vulnerable to a privilege escalation that allows an external user to create a personal snippet through the API.

CPENameOperatorVersion
gitlabge12.9.0
gitlablt12.9.1
gitlabge12.9.0
gitlablt12.9.1
gitlabge12.8.0
gitlablt12.8.8
gitlabge12.8.0
gitlablt12.8.8
gitlabge12.6.0
gitlablt12.7.8

Name	Operator	Version
gitlab	ge	12.9.0
gitlab	lt	12.9.1
gitlab	ge	12.9.0
gitlab	lt	12.9.1
gitlab	ge	12.8.0
gitlab	lt	12.8.8
gitlab	ge	12.8.0
gitlab	lt	12.8.8
gitlab	ge	12.6.0
gitlab	lt	12.7.8

Rows per page:

1-10 of 121

References

about.gitlab.com/releases/2020/03/26/security-release-12-dot-9-dot-1-released/

0.001 Low

EPSS

Percentile

35.9%

JSON

Related for PRION:CVE-2020-12275