Vulnerabilities > CVE-2020-35236 - Unspecified vulnerability in Amazee Lagoon
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
LOW Availability impact
NONE Summary
The GitLab Webhook Handler in amazee.io Lagoon before 1.12.3 has incorrect access control associated with project deletion.
Vulnerable Configurations
References
- https://github.com/amazeeio/lagoon/commit/1140289bf9fa98b8602ab4662ae867b210d8476b
- https://github.com/amazeeio/lagoon/commit/1140289bf9fa98b8602ab4662ae867b210d8476b
- https://github.com/amazeeio/lagoon/compare/v1.12.2...v1.12.3
- https://github.com/amazeeio/lagoon/compare/v1.12.2...v1.12.3
- https://github.com/amazeeio/lagoon/tree/master/services/webhook-handler
- https://github.com/amazeeio/lagoon/tree/master/services/webhook-handler
- https://github.com/amazeeio/lagoon/tree/master/services/webhooks2tasks
- https://github.com/amazeeio/lagoon/tree/master/services/webhooks2tasks