Vulnerabilities > CVE-2020-13353 - Insufficient Session Expiration vulnerability in Gitlab Gitaly

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
local
low complexity
gitlab
CWE-613
NVD
Published: 2020-11-17
Updated: 2022-06-13

Summary

When importing repos via URL, one time use git credentials were persisted beyond the expected time window in Gitaly 1.79.0 or above.

Vulnerable Configurations

Part Description Count
Application
Gitlab
96

Common Weakness Enumeration (CWE)

References