Gitlab Ce vulnerabilities
572 known vulnerabilities affecting gitlab/gitlab_ce.
Total CVEs: 572
CISA KEV: 3 (actively exploited)
Public exploits: 14
Exploited in wild: 2
Severity breakdown: CRITICAL 18, HIGH 128, MEDIUM 342, LOW 84
Vulnerabilities
Page 27 of 29
CVE-2020-26413 | MEDIUM | CVSS 5.3 | PoC | 2020-12-11 | CWE-200
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2. Information disclosure via GraphQL results in user email being unexpectedly visible.
gitlab
CVE-2020-26408 | MEDIUM | CVSS 5.3 | 2020-12-11 | CWE-862
A limited information disclosure vulnerability exists in Gitlab CE/EE from >= 12.2 to <13.4.7, >=13.5 to <13.5.5, and >=13.6 to <13.6.2 that allows an attacker to view limited information in a user's private profile.
gitlab
CVE-2020-26407 | MEDIUM | CVSS 5.5 | 2020-12-10 | CWE-79
An XSS vulnerability exists in Gitlab CE/EE from 12.4 before 13.4.7, 13.5 before 13.5.5, and 13.6 before 13.6.2 that allows an attacker to perform cross-site scripting against other users via importing a malicious project.
gitlab
CVE-2020-13356 | HIGH | CVSS 8.2 | 2020-11-19
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.8.9. A specially crafted request could bypass Multipart protection and read files in certain specific paths on the server. Affected versions are: >=8.8.9, =13.4, =13.5, <13.5.2.
gitlab
CVE-2020-13355 | HIGH | CVSS 7.5 | 2020-11-19 | CWE-22
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.14. A path traversal was found in LFS Upload that allows an attacker to overwrite certain specific paths on the server. Affected versions are: >=8.14, =13.4, =13.5, <13.5.2.
gitlab
CVE-2020-13359 | HIGH | CVSS 7.6 | 2020-11-19
The Terraform API in GitLab CE/EE 12.10+ exposed the object storage signed URL on the delete operation, allowing a malicious project maintainer to overwrite the Terraform state, bypassing audit and other business controls. Affected versions are >=12.10, =13.4, =13.5, <13.5.2.
gitlab
CVE-2020-26405 | HIGH | CVSS 7.1 | 2020-11-17 | CWE-22
Path traversal vulnerability in package upload functionality in GitLab CE/EE starting from 12.8 allows an attacker to save packages in arbitrary locations. Affected versions are >=12.8, =13.4, =13.5, <13.5.2.
gitlab
CVE-2020-13358 | MEDIUM | CVSS 4.7 | 2020-11-17
A vulnerability in the internal Kubernetes agent API in GitLab CE/EE version 13.3 and above allows unauthorized access to private projects. Affected versions are: >=13.4, =13.3, =13.5, <13.5.2.
gitlab
CVE-2020-13351 | MEDIUM | CVSS 6.5 | 2020-11-17 | CWE-276
Insufficient permission checks in the scheduled pipeline API in GitLab CE/EE 13.0+ allow an attacker to read variable names and values for scheduled pipelines on projects visible to the attacker. Affected versions are >=13.0, =13.4.0, =13.5.0, <13.5.2.
gitlab
CVE-2020-13354 | MEDIUM | CVSS 4.3 | 2020-11-17 | CWE-400
A potential DoS vulnerability was discovered in GitLab CE/EE starting with version 12.6. The container registry name check could cause an exponential number of backtracks for certain user-supplied values, resulting in high CPU usage. Affected versions are: >=12.6, <13.3.9.
gitlab
CVE-2020-13352 | LOW | CVSS 3.7 | 2020-11-17
Private group info is leaked in GitLab CE/EE version 10.2 and above when a project is moved from a private to a public group. Affected versions are: >=10.2, =13.4, =13.5, <13.5.2.
gitlab
CVE-2020-13350 | LOW | CVSS 3.1 | 2020-11-17 | CWE-352
CSRF in the runner administration page in all versions of GitLab CE/EE allows an attacker who is able to target GitLab instance administrators to pause/resume runners. Affected versions are >=13.5.0, =13.4.0, <13.4.5, <13.3.9.
gitlab
CVE-2020-13300 | HIGH | CVSS 8.0 | 2020-09-14 | CWE-863
GitLab CE/EE version 13.3 prior to 13.3.4 was vulnerable to an OAuth authorization scope change without user consent in the middle of the authorization flow.
gitlab
CVE-2020-13273 | HIGH | CVSS 7.5 | 2020-06-19
A Denial of Service vulnerability allowed exhausting the system resources in GitLab CE/EE 12.0 and later through 13.0.1.
gitlab
CVE-2020-13276 | HIGH | CVSS 7.4 | 2020-06-19 | CWE-862
A user is allowed to set an email as a notification email even without verifying the new email in all previous GitLab CE/EE versions through 13.0.1.
gitlab
CVE-2020-13262 | MEDIUM | CVSS 6.1 | 2020-06-19 | CWE-74
Client-side code injection through Mermaid markup in GitLab CE/EE 12.9 and later through 13.0.1 allows a specially crafted Mermaid payload to issue PUT requests on behalf of other users when they click on a link.
gitlab
CVE-2020-13277 | MEDIUM | CVSS 6.3 | 2020-06-19 | CWE-863
An authorization issue in the mirroring logic allowed read access to private repositories in GitLab CE/EE 10.6 and later through 13.0.5.
gitlab
CVE-2020-13264 | MEDIUM | CVSS 5.3 | 2020-06-19 | CWE-200
Kubernetes cluster token disclosure in GitLab CE/EE 10.3 and later through 13.0.1 allows other group maintainers to view the Kubernetes cluster token.
gitlab
CVE-2020-13261 | MEDIUM | CVSS 5.3 | 2020-06-19 | CWE-200
Amazon EKS credentials disclosure in GitLab CE/EE 12.6 and later through 13.0.1 allows other administrators to view Amazon EKS credentials via HTML source code.
gitlab
CVE-2020-13265 | MEDIUM | CVSS 4.3 | 2020-06-19 | CWE-345
User email verification bypass in GitLab CE/EE 12.5 and later through 13.0.1 allows a user to bypass email verification.
gitlab