CVE-2020-13318

Опубликовано: 14 сент. 2020

Источник: debian

Описание

A vulnerability was discovered in GitLab versions before 13.0.12, 13.1.10, 13.2.8 and 13.3.4. GitLabs EKS integration was vulnerable to a cross-account assume role attack.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
gitlab	fixed	13.2.8-1		package

Примечания

https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/

Связанные уязвимости

CVE-2020-13318

CVSS3: 6.4

ubuntu

больше 5 лет назад

A vulnerability was discovered in GitLab versions before 13.0.12, 13.1.10, 13.2.8 and 13.3.4. GitLabs EKS integration was vulnerable to a cross-account assume role attack.

CVE-2020-13318

CVSS3: 6.4

nvd

больше 5 лет назад

A vulnerability was discovered in GitLab versions before 13.0.12, 13.1.10, 13.2.8 and 13.3.4. GitLabs EKS integration was vulnerable to a cross-account assume role attack.

GHSA-8wjf-7pjq-2695

github

больше 3 лет назад

A vulnerability was discovered in GitLab versions before 13.0.12, 13.1.10, 13.2.8 and 13.3.4. GitLabs EKS integration was vulnerable to a cross-account assume role attack.