GitLab 13.1 < 13.4.7 / 13.5 < 13.5.5 / 13.6 < 13.6.2 (CVE-2020-26417)
Discription

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: Information disclosure via GraphQL in GitLab CE/EE 13.1 and later exposes private group and project membership. This affects versions &gt;=13.6 to &lt;13.6.2, &gt;=13.5 to &lt;13.5.5, and &gt;=13.1 to &lt;13.4.7. (CVE-2020-26417) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version…Read More

Back to Main

Subscribe for the latest news: