VYPR
Unrated severityNVD Advisory· Published Dec 11, 2020· Updated Aug 4, 2024

CVE-2020-26415

CVE-2020-26415

Description

Information about the starred projects for private user profiles was exposed via the GraphQL API starting from 12.2 via the REST API. This affects GitLab >=12.2 to <13.4.7, >=13.5 to <13.5.5, and >=13.6 to <13.6.2.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • GitLab Inc./GitLabllm-fuzzy2 versions
    >=12.2, <13.4.7; >=13.5, <13.5.5; >=13.6, <13.6.2+ 1 more
    • (no CPE)range: >=12.2, <13.4.7; >=13.5, <13.5.5; >=13.6, <13.6.2
    • (no CPE)range: >=12.2 to <13.4.7
  • osv-coords
    Range: >= 12.2.0, < 13.4.7

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.