CVE-2020-13341

Summary

An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2. Insufficient permission check allows attacker with developer role to perform various deletions.

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab>=13.1, <13.2.10affected
GitLabGitLab>=13.3, <13.3.7affected
GitLabGitLab>=13.4, <13.4.2affected

Weaknesses

  • Improper authorization in GitLab

ADP Enrichment

CVE Program Container

Additional References

References