CVE-2020-26405

Published: Nov 17, 2020Modified: Nov 21, 2024

7.1

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L

Exploitability: 2.8 / Impact: 4.2

Source: NVD

Description

Path traversal vulnerability in package upload functionality in GitLab CE/EE starting from 12.8 allows an attacker to save packages in arbitrary locations. Affected versions are >=12.8, <13.3.9,>=13.4, <13.4.5,>=13.5, <13.5.2.

Affected (6)

Products: Gitlab: Gitlab

1 product

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Gitlab Gitlab	From 12.8.0 to 13.3.9
Gitlab Gitlab	From 13.4.0 to 13.4.5
Gitlab Gitlab	From 13.5.0 to 13.5.2
Gitlab Gitlab	From 12.8.0 to 13.3.9
Gitlab Gitlab	From 13.4.0 to 13.4.5
Gitlab Gitlab	From 13.5.0 to 13.5.2

Related CWEs

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

References (6)

https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-26405.json

Source: cve@gitlab.com

Vendor Advisory

https://gitlab.com/gitlab-org/gitlab/-/issues/247371

Source: cve@gitlab.com

Broken Link

https://hackerone.com/reports/835427

Source: cve@gitlab.com

Permissions RequiredThird Party Advisory

https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-26405.json

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://gitlab.com/gitlab-org/gitlab/-/issues/247371

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

https://hackerone.com/reports/835427

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions RequiredThird Party Advisory

Timeline

No history available yet.