3 matches found
GitLab 8.6 < 13.2.10 / 13.3.0 < 13.3.7 / 13.4.0 < 13.4.2 (CVE-2020-13334)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - In GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, improper authorization checks allow a non-member of a project/group to change the confidentiality attribute of issue via mutation GraphQL query...
CVE-2020-13334
In GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, improper authorization checks allow a non-member of a project/group to change the confidentiality attribute of issue via mutation GraphQL query...
CVE-2020-13334
CVE-2020-13334 affects GitLab versions prior to 13.2.10, 13.3.7, and 13.4.2. The root cause is improper authorization checks that allow a non-member of a project/group to change the confidentiality attribute of an issue via a GraphQL mutation. This can impact the integrity of issue data (high sev...