PT-2020-19251 · Gitlab · Gitlab Ce/Ee+1
Nyangawa
·
Published
2020-01-13
·
Updated
2024-03-06
·
CVE-2020-6832
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
GitLab Enterprise Edition versions 8.9.0 through 12.6.1
Description
An issue was discovered that allows someone to obtain issues from private projects using the project import feature.
Recommendations
For GitLab Enterprise Edition versions 8.9.0 through 12.6.1, consider restricting access to the project import feature until a fix is available.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Gitlab
Gitlab Ce/Ee