GitLab 12.2 < 13.4.7 / 13.5 < 13.5.5 / 13.6 < 13.6.2 (CVE-2020-26415)
Discription

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: Information about the starred projects for private user profiles was exposed via the GraphQL API starting from 12.2 via the REST API. This affects GitLab &gt;=12.2 to &lt;13.4.7, &gt;=13.5 to &lt;13.5.5, and &gt;=13.6 to &lt;13.6.2. (CVE-2020-26415) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version…Read More

Back to Main

Subscribe for the latest news: