4 matches found
GitLab 8.14 < 13.3.9 / 13.4 < 13.4.5 / 13.5 < 13.5.2 (CVE-2020-13355)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.14. A path traversal is found in LFS Upload that allows attacker to overwrite certain specific paths on the server...
CVE-2020-13355
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.14. A path traversal is found in LFS Upload that allows attacker to overwrite certain specific paths on the server. Affected versions are: =8.14, =13.4, =13.5, 13.5.2...
CVE-2020-13355
Summary: CVE-2020-13355 is a path traversal vulnerability in GitLab CE/EE with LFS Upload that lets an attacker overwrite specific server paths. Affected GitLab versions are 8.14 through 13.3.8, 13.4 through 13.4.4, and 13.5 through 13.5.1. The root cause is a path traversal flaw in the LFS Uploa...
Vulnerabilities fixed in GitLab
Several vulnerabilities have been fixed in GitLab. The vulnerabilities potentially allow a malicious person to launch attacks execute attacks that result in the following categories of damage: Cross-Site Request Forgery XSRF. Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data...