
8 matches found

Tenable Nessus
added 2024/05/17 12:0 a.m. · 17 views

GitLab 13.3 < 13.3.9 / 13.4 < 13.4.5 / 13.5 < 13.5.2 (CVE-2020-26406)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Certain SAST CiConfiguration information could be viewed by unauthorized users in GitLab EE starting with 13.3. This information was exposed through GraphQL to non-members of public projects with...

CVSS 5.3 · AI score 5.8 · EPSS 0.00269
Exploits: 0 · References: 4

OSV
added 2020/11/17 1:15 a.m. · 16 views

CVE-2020-26406

Certain SAST CiConfiguration information could be viewed by unauthorized users in GitLab EE starting with 13.3. This information was exposed through GraphQL to non-members of public projects with repository visibility restricted as well as guest members on private projects. Affected versions are:...

CVSS 5.3 · AI score 6.5 · EPSS 0.00269
Exploits: 0 · References: 3

NVD
added 2020/11/17 1:15 a.m. · 14 views

CVE-2020-26406

Certain SAST CiConfiguration information could be viewed by unauthorized users in GitLab EE starting with 13.3. This information was exposed through GraphQL to non-members of public projects with repository visibility restricted as well as guest members on private projects. Affected versions are:...

CVSS 5.3 · AI score 4.8 · EPSS 0.00269
Exploits: 0 · References: 3

UbuntuCve
added 2020/11/17 1:15 a.m. · 17 views

CVE-2020-26406

Certain SAST CiConfiguration information could be viewed by unauthorized users in GitLab EE starting with 13.3. This information was exposed through GraphQL to non-members of public projects with repository visibility restricted as well as guest members on private projects. Affected versions are:...

CVSS 5.3 · AI score 6.1 · EPSS 0.00269
Exploits: 0 · References: 4

Cvelist
added 2020/11/17 12:13 a.m. · 13 views

CVE-2020-26406

Certain SAST CiConfiguration information could be viewed by unauthorized users in GitLab EE starting with 13.3. This information was exposed through GraphQL to non-members of public projects with repository visibility restricted as well as guest members on private projects. Affected versions are:...

CVSS 5.3 · AI score 4.8 · EPSS 0.00269
Exploits: 0 · References: 3

Debian CVE
added 2020/11/17 12:13 a.m. · 25 views

CVE-2020-26406

Removed by vendor...

CVSS 5.3 · AI score 6 · EPSS 0.00269
Exploits: 0

Positive Technologies
added 2020/11/17 12:0 a.m. · 1 views

PT-2020-16413 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions:
- GitLab EE versions 13.3 through 13.3.8
- GitLab EE versions 13.4 through 13.4.4
- GitLab EE versions 13.5 through 13.5.1

Description: Certain SAST CiConfiguration information could be viewed by unauthorized users in GitLab EE. This information wa...

CVSS 5.3 · AI score 4.8 · EPSS 0.00269
Exploits: 0 · References: 8

Tenable Nessus
added 2020/11/03 12:0 a.m. · 28 views

FreeBSD : Gitlab -- Multiple vulnerabilities (174e466b-1d48-11eb-bd0f-001b217b3468)

Gitlab reports:
- Path Traversal in LFS Upload
- Path traversal allows saving packages in arbitrary location
- Kubernetes agent API leaks private repos
- Terraform state deletion API exposes object storage URL
- Stored-XSS in error message of build-dependencies
- Git credentials persisted on disk
- Potential...

CVSS 8.7 · AI score 6.1 · EPSS 0.01546
Exploits: 0 · References: 15