Описание
An IDOR vulnerability exists in GitLab <v12.1.2, <v12.0.4, and <v11.11.6 that allowed uploading files from project archive to replace other users files potentially allowing an attacker to replace project binaries or other uploaded assets.
Релиз | Статус | Примечание |
---|---|---|
bionic | DNE | |
devel | DNE | |
disco | DNE | |
esm-apps/xenial | not-affected | code not present |
esm-infra-legacy/trusty | DNE | |
precise/esm | DNE | |
trusty | DNE | |
trusty/esm | DNE | |
upstream | needs-triage | |
xenial | not-affected | code not present |
Показывать по
5.5 Medium
CVSS2
6.5 Medium
CVSS3
Связанные уязвимости
An IDOR vulnerability exists in GitLab <v12.1.2, <v12.0.4, and <v11.11.6 that allowed uploading files from project archive to replace other users files potentially allowing an attacker to replace project binaries or other uploaded assets.
An IDOR vulnerability exists in GitLab <v12.1.2, <v12.0.4, and <v11.11 ...
An IDOR vulnerability exists in GitLab <v12.1.2, <v12.0.4, and <v11.11.6 that allowed uploading files from project archive to replace other users files potentially allowing an attacker to replace project binaries or other uploaded assets.
5.5 Medium
CVSS2
6.5 Medium
CVSS3