Unrated severityNVD Advisory· Published Mar 13, 2020· Updated Aug 4, 2024
CVE-2020-10081
CVE-2020-10081
Description
GitLab before 12.8.2 has Incorrect Access Control. It was internally discovered that the LFS import process could potentially be used to incorrectly access LFS objects not owned by the user.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7- GitLab/GitLabdescription
- Range: <=12.8.2
- osv-coords5 versionspkg:apk/chainguard/gitlab-operatorpkg:apk/chainguard/gitlab-operator-chartspkg:apk/chainguard/gitlab-operator-compatpkg:apk/chainguard/gitlab-operator-fipspkg:bitnami/gitlab
< 0+ 4 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 12.8.2
Patches
Vulnerability mechanics
References
2- about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/mitrex_refsource_MISC
- about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/index.htmlmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.