← Back

CVE-2020-12275

nvd nist
Published: Apr 29, 2020Modified: Nov 21, 2024

JSON object

Loading...
5.3
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Exploitability: 3.9 / Impact: 1.4
Source: NVD

Description

GitLab 12.6 through 12.9 is vulnerable to a privilege escalation that allows an external user to create a personal snippet through the API.

Affected (6)

Products: Gitlab: Gitlab
Gitlab
1 product
Gitlab
Configuration A
6 vulnerable
Vulnerable SoftwareAffected Versions
Gitlab
Gitlab
From 12.6.0 to 12.7.8
Gitlab
From 12.8.0 to 12.8.8
Gitlab
From 12.9.0 to 12.9.1
Gitlab
From 12.6.0 to 12.7.8
Gitlab
From 12.8.0 to 12.8.8
Gitlab
From 12.9.0 to 12.9.1

References (2)

Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.