Publishing 17 updated advisories and 1 new advisories

e7d1e8ca · 🤖 GitLab Bot 🤖 · 37478708 · e7d1e8ca · e7d1e8ca · e7d1e8ca
Commit e7d1e8ca authored Jun 22, 2020 by 🤖 GitLab Bot 🤖
18 changed files
--- a/2020/CVE-2020-13261.json
+++ b/2020/CVE-2020-13261.json
@@ -66,6 +66,14 @@
      }
    ]
  },
+  "description": {
+    "description_data": [
+      {
+        "lang": "eng",
+        "value": "Amazon EKS credentials disclosure in GitLab CE/EE 12.6 and later through 13.0.1 allows other administrators to view Amazon EKS credentials via HTML source code"
+      }
+    ]
+  },
  "impact": {
    "cvss": {
      "vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
@@ -82,14 +90,6 @@
      "baseSeverity": "MEDIUM"
    }
  },
-  "description": {
-    "description_data": [
-      {
-        "lang": "eng",
-        "value": "Amazon EKS credentials disclosure in GitLab CE/EE 12.6 and later through 13.0.1 allows other administrators to view Amazon EKS credentials via HTML source code"
-      }
-    ]
-  },
  "credit": [
    {
      "lang": "eng",

--- a/2020/CVE-2020-13262.json
+++ b/2020/CVE-2020-13262.json
@@ -66,6 +66,14 @@
      }
    ]
  },
+  "description": {
+    "description_data": [
+      {
+        "lang": "eng",
+        "value": "Client-Side code injection through Mermaid markup in GitLab CE/EE 12.9 and later through 13.0.1 allows a specially crafted Mermaid payload to PUT requests on behalf of other users via clicking on a link"
+      }
+    ]
+  },
  "impact": {
    "cvss": {
      "vectorString": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
@@ -82,14 +90,6 @@
      "baseSeverity": "MEDIUM"
    }
  },
-  "description": {
-    "description_data": [
-      {
-        "lang": "eng",
-        "value": "Client-Side code injection through Mermaid markup in GitLab CE/EE 12.9 and later through 13.0.1 allows a specially crafted Mermaid payload to PUT requests on behalf of other users via clicking on a link"
-      }
-    ]
-  },
  "credit": [
    {
      "lang": "eng",

--- a/2020/CVE-2020-13263.json
+++ b/2020/CVE-2020-13263.json
@@ -66,6 +66,14 @@
      }
    ]
  },
+  "description": {
+    "description_data": [
+      {
+        "lang": "eng",
+        "value": "An authorization issue relating to project maintainer impersonation was identified in GitLab EE 9.5 and later through 13.0.1 that could allow unauthorized users to impersonate as a maintainer to perform limited actions. "
+      }
+    ]
+  },
  "impact": {
    "cvss": {
      "vectorString": "AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
@@ -82,14 +90,6 @@
      "baseSeverity": "HIGH"
    }
  },
-  "description": {
-    "description_data": [
-      {
-        "lang": "eng",
-        "value": "An authorization issue relating to project maintainer impersonation was identified in GitLab EE 9.5 and later through 13.0.1 that could allow unauthorized users to impersonate as a maintainer to perform limited actions. "
-      }
-    ]
-  },
  "credit": [
    {
      "lang": "eng",

--- a/2020/CVE-2020-13264.json
+++ b/2020/CVE-2020-13264.json
@@ -66,6 +66,14 @@
      }
    ]
  },
+  "description": {
+    "description_data": [
+      {
+        "lang": "eng",
+        "value": "Kubernetes cluster token disclosure in GitLab CE/EE 10.3 and later through 13.0.1 allows other group maintainers to view Kubernetes cluster token"
+      }
+    ]
+  },
  "impact": {
    "cvss": {
      "vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
@@ -82,14 +90,6 @@
      "baseSeverity": "MEDIUM"
    }
  },
-  "description": {
-    "description_data": [
-      {
-        "lang": "eng",
-        "value": "Kubernetes cluster token disclosure in GitLab CE/EE 10.3 and later through 13.0.1 allows other group maintainers to view Kubernetes cluster token"
-      }
-    ]
-  },
  "credit": [
    {
      "lang": "eng",

--- a/2020/CVE-2020-13265.json
+++ b/2020/CVE-2020-13265.json
@@ -66,6 +66,14 @@
      }
    ]
  },
+  "description": {
+    "description_data": [
+      {
+        "lang": "eng",
+        "value": "User email verification bypass in GitLab CE/EE 12.5 and later through 13.0.1 allows user to bypass email verification"
+      }
+    ]
+  },
  "impact": {
    "cvss": {
      "vectorString": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
@@ -82,14 +90,6 @@
      "baseSeverity": "MEDIUM"
    }
  },
-  "description": {
-    "description_data": [
-      {
-        "lang": "eng",
-        "value": "User email verification bypass in GitLab CE/EE 12.5 and later through 13.0.1 allows user to bypass email verification"
-      }
-    ]
-  },
  "credit": [
    {
      "lang": "eng",

--- a/2020/CVE-2020-13266.json
+++ b/2020/CVE-2020-13266.json
@@ -61,6 +61,14 @@
      }
    ]
  },
+  "description": {
+    "description_data": [
+      {
+        "lang": "eng",
+        "value": "Insecure authorization in Project Deploy Keys in GitLab CE/EE 12.8 and later through 13.0.1 allows users to update permissions of other users' deploy keys under certain conditions"
+      }
+    ]
+  },
  "impact": {
    "cvss": {
      "vectorString": "AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
@@ -77,14 +85,6 @@
      "baseSeverity": "MEDIUM"
    }
  },
-  "description": {
-    "description_data": [
-      {
-        "lang": "eng",
-        "value": "Insecure authorization in Project Deploy Keys in GitLab CE/EE 12.8 and later through 13.0.1 allows users to update permissions of other users' deploy keys under certain conditions"
-      }
-    ]
-  },
  "credit": [
    {
      "lang": "eng",

--- a/2020/CVE-2020-13267.json
+++ b/2020/CVE-2020-13267.json
@@ -66,6 +66,14 @@
      }
    ]
  },
+  "description": {
+    "description_data": [
+      {
+        "lang": "eng",
+        "value": "A Stored Cross-Site Scripting vulnerability allowed the execution on Javascript payloads on the Metrics Dashboard in GitLab CE/EE 12.8 and later through 13.0.1"
+      }
+    ]
+  },
  "impact": {
    "cvss": {
      "vectorString": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
@@ -82,14 +90,6 @@
      "baseSeverity": "MEDIUM"
    }
  },
-  "description": {
-    "description_data": [
-      {
-        "lang": "eng",
-        "value": "A Stored Cross-Site Scripting vulnerability allowed the execution on Javascript payloads on the Metrics Dashboard in GitLab CE/EE 12.8 and later through 13.0.1"
-      }
-    ]
-  },
  "credit": [
    {
      "lang": "eng",

--- a/2020/CVE-2020-13268.json
+++ b/2020/CVE-2020-13268.json
@@ -66,6 +66,14 @@
      }
    ]
  },
+  "description": {
+    "description_data": [
+      {
+        "lang": "eng",
+        "value": "A specially crafted request could be used to confirm the existence of files hosted on object storage services, without disclosing their contents. This vulnerability affects GitLab CE/EE 12.10 and later through 13.0.1"
+      }
+    ]
+  },
  "impact": {
    "cvss": {
      "vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
@@ -82,14 +90,6 @@
      "baseSeverity": "MEDIUM"
    }
  },
-  "description": {
-    "description_data": [
-      {
-        "lang": "eng",
-        "value": "A specially crafted request could be used to confirm the existence of files hosted on object storage services, without disclosing their contents. This vulnerability affects GitLab CE/EE 12.10 and later through 13.0.1"
-      }
-    ]
-  },
  "credit": [
    {
      "lang": "eng",

--- a/2020/CVE-2020-13269.json
+++ b/2020/CVE-2020-13269.json
@@ -63,6 +63,14 @@
      }
    ]
  },
+  "description": {
+    "description_data": [
+      {
+        "lang": "eng",
+        "value": "A Reflected Cross-Site Scripting vulnerability allowed the execution of arbitrary Javascript code on the Static Site Editor in GitLab CE/EE 12.10 and later through 13.0.1"
+      }
+    ]
+  },
  "impact": {
    "cvss": {
      "vectorString": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
@@ -79,14 +87,6 @@
      "baseSeverity": "MEDIUM"
    }
  },
-  "description": {
-    "description_data": [
-      {
-        "lang": "eng",
-        "value": "A Reflected Cross-Site Scripting vulnerability allowed the execution of arbitrary Javascript code on the Static Site Editor in GitLab CE/EE 12.10 and later through 13.0.1"
-      }
-    ]
-  },
  "credit": [
    {
      "lang": "eng",

--- a/2020/CVE-2020-13270.json
+++ b/2020/CVE-2020-13270.json
@@ -66,6 +66,14 @@
      }
    ]
  },
+  "description": {
+    "description_data": [
+      {
+        "lang": "eng",
+        "value": "Missing permission check on fork relation creation in GitLab CE/EE 11.3 and later through 13.0.1 allows guest users to create a fork relation on restricted public projects via API"
+      }
+    ]
+  },
  "impact": {
    "cvss": {
      "vectorString": "AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
@@ -82,14 +90,6 @@
      "baseSeverity": "HIGH"
    }
  },
-  "description": {
-    "description_data": [
-      {
-        "lang": "eng",
-        "value": "Missing permission check on fork relation creation in GitLab CE/EE 11.3 and later through 13.0.1 allows guest users to create a fork relation on restricted public projects via API"
-      }
-    ]
-  },
  "credit": [
    {
      "lang": "eng",

--- a/2020/CVE-2020-13271.json
+++ b/2020/CVE-2020-13271.json
@@ -66,6 +66,14 @@
      }
    ]
  },
+  "description": {
+    "description_data": [
+      {
+        "lang": "eng",
+        "value": "A Stored Cross-Site Scripting vulnerability allowed the execution of arbitrary Javascript code in the blobs API in all previous GitLab CE/EE versions through 13.0.1"
+      }
+    ]
+  },
  "impact": {
    "cvss": {
      "vectorString": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
@@ -82,14 +90,6 @@
      "baseSeverity": "MEDIUM"
    }
  },
-  "description": {
-    "description_data": [
-      {
-        "lang": "eng",
-        "value": "A Stored Cross-Site Scripting vulnerability allowed the execution of arbitrary Javascript code in the blobs API in all previous GitLab CE/EE versions through 13.0.1"
-      }
-    ]
-  },
  "credit": [
    {
      "lang": "eng",

--- a/2020/CVE-2020-13272.json
+++ b/2020/CVE-2020-13272.json
@@ -66,6 +66,14 @@
      }
    ]
  },
+  "description": {
+    "description_data": [
+      {
+        "lang": "eng",
+        "value": "OAuth flow missing verification checks CE/EE 12.3 and later through 13.0.1 allows unverified user to use OAuth authorization code flow"
+      }
+    ]
+  },
  "impact": {
    "cvss": {
      "vectorString": "AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
@@ -82,14 +90,6 @@
      "baseSeverity": "HIGH"
    }
  },
-  "description": {
-    "description_data": [
-      {
-        "lang": "eng",
-        "value": "OAuth flow missing verification checks CE/EE 12.3 and later through 13.0.1 allows unverified user to use OAuth authorization code flow"
-      }
-    ]
-  },
  "credit": [
    {
      "lang": "eng",

--- a/2020/CVE-2020-13273.json
+++ b/2020/CVE-2020-13273.json
@@ -58,6 +58,14 @@
      }
    ]
  },
+  "description": {
+    "description_data": [
+      {
+        "lang": "eng",
+        "value": "A Denial of Service vulnerability allowed exhausting the system resources in GitLab CE/EE 12.0 and later through 13.0.1"
+      }
+    ]
+  },
  "impact": {
    "cvss": {
      "vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
@@ -74,14 +82,6 @@
      "baseSeverity": "HIGH"
    }
  },
-  "description": {
-    "description_data": [
-      {
-        "lang": "eng",
-        "value": "A Denial of Service vulnerability allowed exhausting the system resources in GitLab CE/EE 12.0 and later through 13.0.1"
-      }
-    ]
-  },
  "credit": [
    {
      "lang": "eng",

--- a/2020/CVE-2020-13274.json
+++ b/2020/CVE-2020-13274.json
@@ -61,6 +61,14 @@
      }
    ]
  },
+  "description": {
+    "description_data": [
+      {
+        "lang": "eng",
+        "value": "A security issue allowed achieving Denial of Service attacks through memory exhaustion by uploading malicious artifacts in all previous GitLab versions through 13.0.1"
+      }
+    ]
+  },
  "impact": {
    "cvss": {
      "vectorString": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
@@ -77,14 +85,6 @@
      "baseSeverity": "HIGH"
    }
  },
-  "description": {
-    "description_data": [
-      {
-        "lang": "eng",
-        "value": "A security issue allowed achieving Denial of Service attacks through memory exhaustion by uploading malicious artifacts in all previous GitLab versions through 13.0.1"
-      }
-    ]
-  },
  "credit": [
    {
      "lang": "eng",

--- a/2020/CVE-2020-13275.json
+++ b/2020/CVE-2020-13275.json
@@ -66,6 +66,14 @@
      }
    ]
  },
+  "description": {
+    "description_data": [
+      {
+        "lang": "eng",
+        "value": "A user with an unverified email address could request an access to domain restricted groups in GitLab EE 12.2 and later through 13.0.1 "
+      }
+    ]
+  },
  "impact": {
    "cvss": {
      "vectorString": "AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
@@ -82,14 +90,6 @@
      "baseSeverity": "HIGH"
    }
  },
-  "description": {
-    "description_data": [
-      {
-        "lang": "eng",
-        "value": "A user with an unverified email address could request an access to domain restricted groups in GitLab EE 12.2 and later through 13.0.1 "
-      }
-    ]
-  },
  "credit": [
    {
      "lang": "eng",

--- a/2020/CVE-2020-13276.json
+++ b/2020/CVE-2020-13276.json
@@ -66,6 +66,14 @@
      }
    ]
  },
+  "description": {
+    "description_data": [
+      {
+        "lang": "eng",
+        "value": "User is allowed to set an email as a notification email even without verifying the new email in all previous GitLab CE/EE versions through 13.0.1"
+      }
+    ]
+  },
  "impact": {
    "cvss": {
      "vectorString": "AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L",
@@ -82,14 +90,6 @@
      "baseSeverity": "HIGH"
    }
  },
-  "description": {
-    "description_data": [
-      {
-        "lang": "eng",
-        "value": "User is allowed to set an email as a notification email even without verifying the new email in all previous GitLab CE/EE versions through 13.0.1"
-      }
-    ]
-  },
  "credit": [
    {
      "lang": "eng",

--- a/2020/CVE-2020-13277.json
+++ b/2020/CVE-2020-13277.json
@@ -66,6 +66,14 @@
      }
    ]
  },
+  "description": {
+    "description_data": [
+      {
+        "lang": "eng",
+        "value": "An authorization issue in the mirroring logic allowed read access to private repositories in GitLab CE/EE 10.6 and later through 13.0.5"
+      }
+    ]
+  },
  "impact": {
    "cvss": {
      "vectorString": "AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
@@ -82,14 +90,6 @@
      "baseSeverity": "MEDIUM"
    }
  },
-  "description": {
-    "description_data": [
-      {
-        "lang": "eng",
-        "value": "An authorization issue in the mirroring logic allowed read access to private repositories in GitLab CE/EE 10.6 and later through 13.0.5"
-      }
-    ]
-  },
  "credit": [
    {
      "lang": "eng",

--- a/2020/CVE-2020-13279.json
+++ b/2020/CVE-2020-13279.json
+{
+  "data_type": "CVE",
+  "data_format": "MITRE",
+  "data_version": "4.0",
+  "CVE_data_meta": {
+    "ID": "CVE-2020-13279",
+    "ASSIGNER": "cve@gitlab.com"
+  },
+  "affects": {
+    "vendor": {
+      "vendor_data": [
+        {
+          "vendor_name": "GitLab",
+          "product": {
+            "product_data": [
+              {
+                "product_name": "gitlab-vscode-extension",
+                "version": {
+                  "version_data": [
+                    {
+                      "version_value": "<=2.2.0"
+                    }
+                  ]
+                }
+              }
+            ]
+          }
+        }
+      ]
+    }
+  },
+  "problemtype": {
+    "problemtype_data": [
+      {
+        "description": [
+          {
+            "lang": "eng",
+            "value": "Uncontrolled search path element in gitlab-vscode-extension"
+          }
+        ]
+      }
+    ]
+  },
+  "references": {
+    "reference_data": [
+      {
+        "name": "https://gitlab.com/gitlab-org/gitlab-vscode-extension/-/issues/170",
+        "url": "https://gitlab.com/gitlab-org/gitlab-vscode-extension/-/issues/170",
+        "refsource": "MISC"
+      },
+      {
+        "name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13279.json",
+        "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13279.json",
+        "refsource": "CONFIRM"
+      }
+    ]
+  },
+  "description": {
+    "description_data": [
+      {
+        "lang": "eng",
+        "value": "Client side code execution in gitlab-vscode-extension v2.2.0 allows attacker to execute code on user system"
+      }
+    ]
+  },
+  "impact": {
+    "cvss": {
+      "vectorString": "AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
+      "attackComplexity": "LOW",
+      "attackVector": "LOCAL",
+      "availabilityImpact": "HIGH",
+      "confidentialityImpact": "HIGH",
+      "integrityImpact": "HIGH",
+      "privilegesRequired": "NONE",
+      "scope": "CHANGED",
+      "userInteraction": "REQUIRED",
+      "version": "3.1",
+      "baseScore": 8.5,
+      "baseSeverity": "HIGH"
+    }
+  },
+  "credit": [
+    {
+      "lang": "eng",
+      "value": "GitLab security research team"
+    }
+  ]
+}
\ No newline at end of file