GitLab Multiple Vulnerabilities
Last Update Date:
7 Jan 2020 10:16
Release Date:
7 Jan 2020
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in GitLab. A remote attacker could exploit some of these vulnerabilities to trigger denial of service, security restriction bypass and sensitive information disclosure on the targeted system.
Impact
- Denial of Service
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- GitLab EE/CE versions before 12.6.2, 12.5.6 and 12.4.7
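Added example (not part of the original advisory and not GitLab's own code): a branch-aware check of GitLab version strings against the three fixed releases listed above, so that 12.5.6 is not misread as older than 12.6.2 and therefore affected. It assumes that releases older than the 12.4 branch are affected and that releases after the 12.6 branch contain the fix; the host names and versions in the sample inventory are constructed.

```python
import re

# Fixed releases from the advisory, keyed by (major, minor) release branch.
FIXED_PATCH = {(12, 6): 2, (12, 5): 6, (12, 4): 7}
OLDEST_FIXED_BRANCH = min(FIXED_PATCH)

# Accepts "12.5.4", "v12.5.4" and suffixed builds such as "12.5.4-ee".
_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:[-+].*)?$")


def parse_version(text):
    """Return (major, minor, patch) or raise ValueError."""
    match = _VERSION_RE.match(text.strip())
    if match is None:
        raise ValueError(f"unrecognised GitLab version: {text!r}")
    return tuple(int(part) for part in match.groups())


def is_affected(version):
    """True if the version predates the fix for its release branch."""
    major, minor, patch = parse_version(version)
    branch = (major, minor)
    if branch in FIXED_PATCH:
        # Same branch as a fixed release: compare the patch level only.
        return patch < FIXED_PATCH[branch]
    # Assumption: branches older than 12.4 are affected, newer than 12.6 are fixed.
    return branch < OLDEST_FIXED_BRANCH


def classify(version):
    """Return 'affected', 'patched', or 'unknown' for unparsable input."""
    try:
        return "affected" if is_affected(version) else "patched"
    except ValueError:
        return "unknown"


def audit(inventory):
    """Map each host to its status; 'unknown' entries need manual review."""
    return {host: classify(version) for host, version in inventory.items()}


# Constructed sample inventory (hypothetical hosts and versions).
SAMPLE_INVENTORY = {"git-a.example.internal": "12.6.1-ee", "git-b.example.internal": "12.5.6",
                    "git-c.example.internal": "11.11.8", "git-d.example.internal": "custom-build"}

if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host}: {SAMPLE_INVENTORY[host]} -> {status}")
```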
Solutions
Before installing the software, please visit the software vendor's website for more details.
- The vendor has issued a fix:
https://about.gitlab.com/blog/2020/01/02/security-release-gitlab-12-6-2-released/
Vulnerability Identifier
- CVE-2019-20142
- CVE-2019-20143
- CVE-2019-20144
- CVE-2019-20145
- CVE-2019-20146
- CVE-2019-20147
- CVE-2019-20148
- CVE-2020-5197