Vulnerabilities > CVE-2020-13352 - Unspecified vulnerability in Gitlab
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
Private group info is leaked leaked in GitLab CE/EE version 10.2 and above, when the project is moved from private to public group. Affected versions are: >=10.2, <13.3.9,>=13.4, <13.4.5,>=13.5, <13.5.2.
Vulnerable Configurations
References
- https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13352.json
- https://gitlab.com/gitlab-org/gitlab/-/issues/38281
- https://hackerone.com/reports/748315
- https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13352.json
- https://hackerone.com/reports/748315
- https://gitlab.com/gitlab-org/gitlab/-/issues/38281