Vulnerabilities > CVE-2020-13341 - Type Confusion vulnerability in Gitlab
Attack vector
NETWORK Attack complexity
LOW Privileges required
HIGH Confidentiality impact
NONE Integrity impact
HIGH Availability impact
NONE Summary
An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2. Insufficient permission check allows attacker with developer role to perform various deletions.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13341.json
- https://gitlab.com/gitlab-org/gitlab/-/issues/239348
- https://hackerone.com/reports/960244
- https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13341.json
- https://hackerone.com/reports/960244
- https://gitlab.com/gitlab-org/gitlab/-/issues/239348