High severity7.5NVD Advisory· Published Apr 22, 2020· Updated Jun 17, 2026
CVE-2020-11505
CVE-2020-11505
Description
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) before 12.7.9, 12.8.x before 12.8.9, and 12.9.x before 12.9.3. A Workhorse bypass could lead to NuGet package and file disclosure (Exposure of Sensitive Information) via request smuggling.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8- GitLab/GitLab Community Edition (CE) and Enterprise Edition (EE)description
- Range: <12.7.9
- Range: <12.7.9
- osv-coords5 versionspkg:apk/chainguard/gitlab-operatorpkg:apk/chainguard/gitlab-operator-chartspkg:apk/chainguard/gitlab-operator-compatpkg:apk/chainguard/gitlab-operator-fipspkg:bitnami/gitlab
< 0+ 4 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 12.7.9
Patches
Vulnerability mechanics
References
2- about.gitlab.com/blog/categories/releases/nvdVendor Advisory
- about.gitlab.com/releases/2020/04/14/critical-security-release-gitlab-12-dot-9-dot-3-released/nvdVendor Advisory
News mentions
0No linked articles in our index yet.