CVE Vulnerabilities

CVE-2020-13323

Published: Sep 30, 2020 | Modified: Jul 21, 2021
CVSS 3.x
7.7
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

A vulnerability was discovered in GitLab versions prior 13.1. Under certain conditions private merge requests could be read via Todos

Affected Software

Name Vendor Start Version End Version
Gitlab Gitlab 8.5.0 (including) 12.10.13 (excluding)
Gitlab Gitlab 13.0.0 (including) 13.0.8 (excluding)
Gitlab Gitlab 13.1.0 (including) 13.1.2 (excluding)
Gitlab Ubuntu esm-apps/xenial *
Gitlab Ubuntu xenial *

References