CVE Vulnerabilities

CVE-2020-13293

Published: Aug 10, 2020 | Modified: Nov 21, 2024
CVSS 3.x
7.1
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
CVSS 2.x
5.5 MEDIUM
AV:N/AC:L/Au:S/C:N/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

In GitLab before 13.0.12, 13.1.6 and 13.2.3 using a branch with a hexadecimal name could override an existing hash.

Affected Software

Name Vendor Start Version End Version
Gitlab Gitlab 1.0.0 (including) 13.0.12 (excluding)
Gitlab Gitlab 13.1.0 (including) 13.1.6 (excluding)
Gitlab Gitlab 13.2.0 (including) 13.2.3 (excluding)
Gitlab Ubuntu esm-apps/xenial *
Gitlab Ubuntu xenial *

References