CVE-2020-13353

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-13353

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-13353.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-13353

Aliases

GHSA-mmmm-chjf-jmvw

Published

2020-11-17T01:15:13Z

Modified

2024-11-23T17:46:23.051638Z

Severity

3.2 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

When importing repos via URL, one time use git credentials were persisted beyond the expected time window in Gitaly 1.79.0 or above.

References

Affected packages

Git / gitlab.com/gitlab-org/gitaly

Affected ranges

Type: GIT
Repo: https://gitlab.com/gitlab-org/gitaly
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

61ec16219b9a4ca2a81e890a5121e2cfae26a517

Affected versions

v0.*

v0.0.1

v0.0.1-test-7

v0.0.1-test-8

v0.1.0

v0.10.0

v0.100.0

v0.101.0

v0.102.0

v0.103.0

v0.104.0

v0.105.0

v0.106.0

v0.107.0

v0.108.0

v0.109.0

v0.11.0

v0.11.1

v0.11.2

v0.110.0

v0.111.0

v0.112.0

v0.113.0

v0.114.0

v0.115.0

v0.116.0

v0.117.0

v0.118.0

v0.119.0

v0.12.0

v0.120.0

v0.121.0

v0.122.0

v0.123.0

v0.124.0

v0.125.0

v0.126.0

v0.127.0

v0.128.0

v0.129.0

v0.13.0

v0.130.0

v0.131.0

v0.132.0

v0.133.0

v0.14.0

v0.15.0

v0.16.0

v0.17.0

v0.18.0

v0.19.0

v0.2.0

v0.20.0

v0.21.0

v0.21.1

v0.21.2

v0.22.0

v0.23.0

v0.24.0

v0.24.1

v0.25.0

v0.26.0

v0.27.0

v0.28.0

v0.29.0

v0.3.0

v0.30.0

v0.31.0

v0.32.0

v0.33.0

v0.34.0

v0.35.0

v0.36.0

v0.37.0

v0.38.0

v0.39.0

v0.4.0

v0.40.0

v0.41.0

v0.42.0

v0.43.0

v0.44.0

v0.45.1

v0.46.0

v0.47.0

v0.48.0

v0.49.0

v0.5.0

v0.50.0

v0.51.0

v0.52.0

v0.53.0

v0.54.0

v0.55.0

v0.56.0

v0.57.0

v0.58.0

v0.59.0

v0.6.0

v0.60.0

v0.61.0

v0.61.1

v0.62.0

v0.63.0

v0.64.0

v0.65.0

v0.66.0

v0.67.0

v0.68.0

v0.69.0

v0.7.0

v0.70.0

v0.71.0

v0.72.0

v0.73.0

v0.74.0

v0.75.0

v0.76.0

v0.77.0

v0.78.0

v0.79.0

v0.8.0

v0.80.0

v0.81.0

v0.82.0

v0.83.0

v0.84.0

v0.85.0

v0.86.0

v0.87.0

v0.88.0

v0.89.0

v0.9.0

v0.90.0

v0.91.0

v0.92.0

v0.93.0

v0.94.0

v0.95.0

v0.96.1

v0.97.0

v0.98.0

v0.99.0

v1.*

v1.0.0

v1.1.0

v1.10.0

v1.11.0

v1.12.0

v1.13.0

v1.14.0

v1.15.0

v1.16.0

v1.17.0

v1.18.0

v1.19.0

v1.19.1

v1.2.0

v1.20.0

v1.21.0

v1.22.0

v1.23.0

v1.24.0

v1.25.0

v1.26.0

v1.27.0

v1.28.0

v1.29.0

v1.3.0

v1.30.0

v1.31.0

v1.32.0

v1.33.0

v1.34.0

v1.35.0

v1.35.1

v1.36.0

v1.37.0

v1.38.0

v1.39.0

v1.4.0

v1.40.0

v1.41.0

v1.42.0

v1.43.0

v1.44.0

v1.45.0

v1.46.0

v1.47.0

v1.48.0

v1.49.0

v1.5.0

v1.50.0

v1.51.0

v1.53.0

v1.56.0

v1.57.0

v1.58.0

v1.59.0

v1.6.0

v1.60.0

v1.61.0

v1.62.0

v1.63.0

v1.64.0

v1.65.0

v1.66.0

v1.67.0

v1.68.0

v1.69.0

v1.7.0

v1.70.0

v1.71.0

v1.72.0

v1.73.0

v1.74.0

v1.75.0

v1.76.0

v1.77.0

v1.78.0

v1.79.0

v1.8.0

v1.80.0

v1.81.0

v1.82.0

v1.83.0

v1.84.0

v1.85.0

v1.86.0

v1.87.0

v1.9.0

v12.*

v12.10.0

v12.10.0-rc1

v12.8.0

v12.8.0-rc42

v12.9.0

v12.9.0-rc1

v12.9.0-rc2

v12.9.0-rc3

v12.9.0-rc4

v12.9.0-rc42

v12.9.0-rc5

v13.*

v13.0.0

v13.0.0-rc1

v13.0.0-rc2

v13.1.0

v13.1.0-rc1

v13.1.0-rc2

v13.1.0-rc3

v13.1.0-rc4

v13.2.0

v13.2.0-rc1

v13.2.0-rc2

v13.3.0

v13.3.0-rc1

v13.3.0-rc2

v13.3.0-rc3

v13.3.0-rc4

v13.3.0-rc5

v13.3.1

v13.3.2

v13.3.3

v13.3.4

v13.3.5

v13.3.6

v13.3.7

v13.3.8

Other

vtest-5

vtest-6