Vulnerabilities > CVE-2020-13268 - Unspecified vulnerability in Gitlab
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
A specially crafted request could be used to confirm the existence of files hosted on object storage services, without disclosing their contents. This vulnerability affects GitLab CE/EE 12.10 and later through 13.0.1
Vulnerable Configurations
References
- https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13268.json
- https://gitlab.com/gitlab-org/gitlab/-/issues/214220
- https://hackerone.com/reports/848415
- https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13268.json
- https://hackerone.com/reports/848415
- https://gitlab.com/gitlab-org/gitlab/-/issues/214220