VDB
CVE-2020-12448
CVE-2020-12448
PUBLISHED
GitLab EE 12.8 and later allows Exposure of Sensitive Information to an Unauthorized Actor via NuGet.
EPSS 0.11% · 28.4th percentile
Risk Scores
EPSS Score
0.11%
28.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | gitlab | 12.8.0 |
| Bitnami | gitlab | 12.8.0, 12.8.0 |
Exploit Intelligence
- Path traversal in Nuget Package Registry (hackerone)
- Path traversal in Nuget Package Registry (hackerone)
- Path traversal in Nuget Package Registry (hackerone)
- https://about.gitlab.com/blog/categories/releases/ (circl)
- https://about.gitlab.com/releases/2020/04/30/security-release-12-10-2-released/ (circl)
Timeline
- CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jun 7, 2022 PoC Published
- Jul 3, 2022 EPSS Score