88 matches found
CVE-2020-13348
An issue has been discovered in GitLab EE affecting all versions starting from 10.2. Required CODEOWNERS approval could be bypassed by targeting a branch without the CODEOWNERS file. Affected versions are =10.2, =13.4, =13.5, 13.5.2...
CVE-2020-13348
An issue has been discovered in GitLab EE affecting all versions starting from 10.2. Required CODEOWNERS approval could be bypassed by targeting a branch without the CODEOWNERS file. Affected versions are =10.2, =13.4, =13.5, 13.5.2...
Design/Logic Flaw
An issue has been discovered in GitLab EE affecting all versions starting from 10.2. Required CODEOWNERS approval could be bypassed by targeting a branch without the CODEOWNERS file. Affected versions are =10.2, =13.4, =13.5, 13.5.2...
CVE-2020-13348
An issue has been discovered in GitLab EE affecting all versions starting from 10.2. Required CODEOWNERS approval could be bypassed by targeting a branch without the CODEOWNERS file. Affected versions are =10.2, =13.4, =13.5, 13.5.2...
CVE-2020-13348
Removed by vendor...
CVE-2020-13348
CVE-2020-13348 affects GitLab EE with CODEOWNERS bypass vulnerability. Affected: GitLab EE versions 10.2 through 13.3.8 (and 13.4 up to 13.4.4, and 13.5 up to 13.5.1); multiple release branches show the issue stems from bypassing CODEOWNERS validation when targeting a branch without CODEOWNERS. I...
PT-2020-13489 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 10.2 through 13.3.8 GitLab EE versions 13.4 through 13.4.4 GitLab EE versions 13.5 through 13.5.1 Description: An issue has been discovered in GitLab EE where required CODEOWNERS approval could be bypassed by targeting a...
Gitlab -- Multiple vulnerabilities
Gitlab reports: Path Traversal in LFS Upload Path traversal allows saving packages in arbitrary location Kubernetes agent API leaks private repos Terraform state deletion API exposes object storage URL Stored-XSS in error message of build-dependencies Git credentials persisted on disk Potential...