CVE-2020-26416

Information disclosure in Advanced Search component of GitLab EE starting from 8.4 results in exposure of search terms via Rails logs. This affects versions >=8.4 to =13.5 to =13.6 to <13.6.2.
Configurations

Configuration 1

cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*

Information

Published : 2020-12-11 04:15

Updated : 2021-07-21 11:39


NVD link : CVE-2020-26416

Mitre link : CVE-2020-26416

Products Affected
No products.
CWE
CWE-532

Insertion of Sensitive Information into Log File