Unrated severityNVD Advisory· Published Apr 22, 2020· Updated Aug 4, 2024
CVE-2020-11505
CVE-2020-11505
Description
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) before 12.7.9, 12.8.x before 12.8.9, and 12.9.x before 12.9.3. A Workhorse bypass could lead to NuGet package and file disclosure (Exposure of Sensitive Information) via request smuggling.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7- GitLab/GitLab Community Edition (CE) and Enterprise Edition (EE)description
- Range: before 12.7.9, before 12.8.9, before 12.9.3
- osv-coords5 versionspkg:apk/chainguard/gitlab-operatorpkg:apk/chainguard/gitlab-operator-chartspkg:apk/chainguard/gitlab-operator-compatpkg:apk/chainguard/gitlab-operator-fipspkg:bitnami/gitlab
< 0+ 4 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 12.7.9
Patches
Vulnerability mechanics
References
2- about.gitlab.com/blog/categories/releases/mitrex_refsource_MISC
- about.gitlab.com/releases/2020/04/14/critical-security-release-gitlab-12-dot-9-dot-3-released/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.