CVE Vulnerabilities

CVE-2020-13294

Published: Aug 10, 2020 | Modified: Nov 21, 2024
CVSS 3.x
5.4
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CVSS 2.x
5.5 MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

In GitLab before 13.0.12, 13.1.6 and 13.2.3, access grants were not revoked when a user revoked access to an application.

Affected Software

Name Vendor Start Version End Version
Gitlab Gitlab 7.7.0 (including) 13.0.12 (excluding)
Gitlab Gitlab 13.1.0 (including) 13.1.6 (excluding)
Gitlab Gitlab 13.2.0 (including) 13.2.3 (excluding)
Gitlab Ubuntu esm-apps/xenial *
Gitlab Ubuntu xenial *

References