ledz1996

CVE-2020-13298 WRITEUP HIGH WRITEUP

GitLab <13.1.10-13.3.4 - Info Disclosure

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Conan package upload functionality was not properly validating the supplied parameters, which resulted in the limited files disclosure.

CVSS 7.2

View Code

CVE-2021-22190 WRITEUP HIGH WRITEUP

GitLab 13.7.0-13.7.8 - Path Traversal via GitLab Workhorse

A path traversal vulnerability via the GitLab Workhorse in all versions of GitLab could result in the leakage of a JWT token

CVSS 8.5

View Code