GitLab Multiple Vulnerabilities
Last Update Date:
10 Mar 2020 10:15
Release Date:
10 Mar 2020
4480
Views
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in GitLab, a remote attacker could exploit some of these vulnerabilities to trigger cross site scripting, denial of service, security restriction bypass and sensitive information disclosure on the targeted system.
Impact
- Cross-Site Scripting
- Denial of Service
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- GitLab EE/CE version before 12.8.2, 12.7.7 and 12.6.8
Solutions
Before installation of the software, please visit the software vendor web-site for more details.
- The vendor has issued a fix:
https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/
Vulnerability Identifier
- CVE-2019-10208
- CVE-2020-8113
- CVE-2020-10073
- CVE-2020-10074
- CVE-2020-10075
- CVE-2020-10076
- CVE-2020-10077
- CVE-2020-10078
- CVE-2020-10079
- CVE-2020-10080
- CVE-2020-10081
- CVE-2020-10082
- CVE-2020-10083
- CVE-2020-10084
- CVE-2020-10085
- CVE-2020-10086
- CVE-2020-10087
- CVE-2020-10088
- CVE-2020-10089
- CVE-2020-10090
- CVE-2020-10091
- CVE-2020-10092
Source
Related Link
Share with