Vulnerabilities > CVE-2020-13298 - Unspecified vulnerability in Gitlab
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Conan package upload functionality was not properly validating the supplied parameters, which resulted in the limited files disclosure.
Vulnerable Configurations
References
- https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13298.json
- https://gitlab.com/gitlab-org/gitlab/-/issues/228841
- https://hackerone.com/reports/923027
- https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13298.json
- https://hackerone.com/reports/923027
- https://gitlab.com/gitlab-org/gitlab/-/issues/228841