CVE-2020-13334

Опубликовано: 07 окт. 2020

Источник: debian

Описание

In GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, improper authorization checks allow a non-member of a project/group to change the confidentiality attribute of issue via mutation GraphQL query

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
gitlab	fixed	13.2.10-1		package

Связанные уязвимости

CVE-2020-13334

CVSS3: 5.9

ubuntu

больше 5 лет назад

In GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, improper authorization checks allow a non-member of a project/group to change the confidentiality attribute of issue via mutation GraphQL query

CVE-2020-13334

CVSS3: 5.9

nvd

больше 5 лет назад

In GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, improper authorization checks allow a non-member of a project/group to change the confidentiality attribute of issue via mutation GraphQL query

GHSA-2px3-3vqh-4m6q

github

больше 3 лет назад

In GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, improper authorization checks allow a non-member of a project/group to change the confidentiality attribute of issue via mutation GraphQL query