VYPR
Unrated severityNVD Advisory· Published Sep 14, 2020· Updated Aug 4, 2024

CVE-2020-13298

CVE-2020-13298

Description

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Conan package upload functionality was not properly validating the supplied parameters, which resulted in the limited files disclosure.

Affected products

3
  • GitLab Inc./GitLabllm-fuzzy2 versions
    <13.1.10 || >=13.2.0 <13.2.8 || >=13.3.0 <13.3.4+ 1 more
    • (no CPE)range: <13.1.10 || >=13.2.0 <13.2.8 || >=13.3.0 <13.3.4
    • (no CPE)range: >=13.3, <13.3.4
  • osv-coords
    Range: >= 13.1.0, < 13.1.10

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.