Unrated severityNVD Advisory· Published Sep 14, 2020· Updated Aug 4, 2024
CVE-2020-13298
CVE-2020-13298
Description
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Conan package upload functionality was not properly validating the supplied parameters, which resulted in the limited files disclosure.
Affected products
3<13.1.10 || >=13.2.0 <13.2.8 || >=13.3.0 <13.3.4+ 1 more
- (no CPE)range: <13.1.10 || >=13.2.0 <13.2.8 || >=13.3.0 <13.3.4
- (no CPE)range: >=13.3, <13.3.4
Patches
Vulnerability mechanics
References
3- gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13298.jsonmitrex_refsource_CONFIRM
- gitlab.com/gitlab-org/gitlab/-/issues/228841mitrex_refsource_MISC
- hackerone.com/reports/923027mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.