GitLab Multiple Vulnerabilities
Last Update Date: 4 Sep 2020 11:21
Release Date: 4 Sep 2020
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in GitLab. A remote attacker could exploit some of these vulnerabilities to trigger a denial of service condition, perform cross-site scripting, disclose sensitive information and bypass security restrictions on the targeted system.
Impact
- Cross-Site Scripting
- Denial of Service
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- Affects all versions of GitLab
Solutions
Before installing the software, please visit the software vendor's website for more details.
- The vendor has issued a fix:
https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
Vulnerability Identifier
- CVE-2020-7663
- CVE-2020-11022
- CVE-2020-13284
- CVE-2020-13287
- CVE-2020-13289
- CVE-2020-13297
- CVE-2020-13298
- CVE-2020-13299
- CVE-2020-13300
- CVE-2020-13301
- CVE-2020-13302
- CVE-2020-13303
- CVE-2020-13304
- CVE-2020-13305
- CVE-2020-13306
- CVE-2020-13307
- CVE-2020-13308
- CVE-2020-13309
- CVE-2020-13310
- CVE-2020-13311
- CVE-2020-13313
- CVE-2020-13314
- CVE-2020-13315
- CVE-2020-13316
- CVE-2020-13317
- CVE-2020-13318