Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 1:46 p.m.9 views

CVE-2020-13359

The Terraform API in GitLab CE/EE 12.10+ exposed the object storage signed URL on the delete operation allowing a malicious project maintainer to overwrite the Terraform state, bypassing audit and other business controls. Affected versions are =12.10, =13.4, =13.5, 13.5.2...

7.6CVSS6.3AI score0.00756EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/05/17 12:0 a.m.25 views

GitLab 12.10 < 13.3.9 / 13.4 < 13.4.5 / 13.5 < 13.5.2 (CVE-2020-13359)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - The Terraform API in GitLab CE/EE 12.10+ exposed the object storage signed URL on the delete operation allowing a malicious project maintainer to overwrite the Terraform state, bypassing audit and oth...

7.6CVSS7.3AI score0.00756EPSS
Exploits0References3
Circl
Circl
added 2020/12/09 6:25 a.m.7 views

CVE-2020-13359

creationtimestamp| type| source ---|---|--- 2020-12-09 06:25:30+00:00| seen| https://t.me/cibsecurity/17405...

7.6CVSS7.3AI score0.00756EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2020/11/19 12:15 a.m.23 views

CVE-2020-13359

The Terraform API in GitLab CE/EE 12.10+ exposed the object storage signed URL on the delete operation allowing a malicious project maintainer to overwrite the Terraform state, bypassing audit and other business controls. Affected versions are =12.10, =13.4, =13.5, 13.5.2...

7.6CVSS7.1AI score0.00756EPSS
Exploits0References1
CVE
CVE
added 2020/11/18 11:57 p.m.82 views

CVE-2020-13359

CVE-2020-13359 affects GitLab CE/EE with the Terraform API in 12.10+ where the object storage signed URL is exposed on the delete operation. This allows a malicious project maintainer to overwrite the Terraform state and bypass audit/business controls. Affected versions are &gt;=12.10, =13.4, =13...

7.6CVSS7.2AI score0.00756EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder