GitLab EE 数据伪造问题漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features.GitLab EE is vulnerable to a data forgery issue, which can be exploited by...

CVE-2020-13348

An issue has been discovered in GitLab EE affecting all versions starting from 10.2. Required CODEOWNERS approval could be bypassed by targeting a branch without the CODEOWNERS file. Affected versions are =10.2, =13.4, =13.5, 13.5.2...

CVE-2020-13348

An issue has been discovered in GitLab EE affecting all versions starting from 10.2. Required CODEOWNERS approval could be bypassed by targeting a branch without the CODEOWNERS file. Affected versions are =10.2, =13.4, =13.5, 13.5.2...

CVE-2020-13348

An issue has been discovered in GitLab EE affecting all versions starting from 10.2. Required CODEOWNERS approval could be bypassed by targeting a branch without the CODEOWNERS file. Affected versions are =10.2, =13.4, =13.5, 13.5.2...

Design/Logic Flaw

An issue has been discovered in GitLab EE affecting all versions starting from 10.2. Required CODEOWNERS approval could be bypassed by targeting a branch without the CODEOWNERS file. Affected versions are =10.2, =13.4, =13.5, 13.5.2...

CVE-2020-13348

An issue has been discovered in GitLab EE affecting all versions starting from 10.2. Required CODEOWNERS approval could be bypassed by targeting a branch without the CODEOWNERS file. Affected versions are =10.2, =13.4, =13.5, 13.5.2...

CVE-2020-13348

Removed by vendor...

CVE-2020-13348

CVE-2020-13348 affects GitLab EE with CODEOWNERS bypass vulnerability. Affected: GitLab EE versions 10.2 through 13.3.8 (and 13.4 up to 13.4.4, and 13.5 up to 13.5.1); multiple release branches show the issue stems from bypassing CODEOWNERS validation when targeting a branch without CODEOWNERS. I...

PT-2020-13489 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab EE versions 10.2 through 13.3.8 GitLab EE versions 13.4 through 13.4.4 GitLab EE versions 13.5 through 13.5.1 Description: An issue has been discovered in GitLab EE where required CODEOWNERS approval could be bypassed by targeting a...

Gitlab -- Multiple vulnerabilities

Gitlab reports: Path Traversal in LFS Upload Path traversal allows saving packages in arbitrary location Kubernetes agent API leaks private repos Terraform state deletion API exposes object storage URL Stored-XSS in error message of build-dependencies Git credentials persisted on disk Potential...