{"vulnerability": "cve-2020-1329", "sightings": [{"uuid": "8c2ea0f9-b12e-43c8-a373-82690a8d9cdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13295", "type": "seen", "source": "https://t.me/cibsecurity/13998", "content": "ATENTION\u203c New - CVE-2020-13295\n\nFor GitLab Runner before 13.0.12, 13.1.6, 13.2.3, by replacing dockerd with a malicious server, the Shared Runner is susceptible to SSRF.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-08-10T18:55:20.000000Z"}, {"uuid": "b507acbc-1346-484f-b4f0-2b2ff578750d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13294", "type": "seen", "source": "https://t.me/cibsecurity/13999", "content": "ATENTION\u203c New - CVE-2020-13294\n\nIn GitLab before 13.0.12, 13.1.6 and 13.2.3, access grants were not revoked when a user revoked access to an application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-08-10T18:55:20.000000Z"}, {"uuid": "7f65f006-bc6d-45d7-a1c3-124c9e299024", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13293", "type": "seen", "source": "https://t.me/cibsecurity/14000", "content": "ATENTION\u203c New - CVE-2020-13293\n\nIn GitLab before 13.0.12, 13.1.6 and 13.2.3 using a branch with a hexadecimal name could override an existing hash.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-08-10T18:55:21.000000Z"}, {"uuid": "3d490314-d8b6-4b35-8251-75002a3476eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13292", "type": "seen", "source": "https://t.me/cibsecurity/14001", "content": "ATENTION\u203c New - CVE-2020-13292\n\nIn GitLab before 13.0.12, 13.1.6 and 13.2.3, it is possible to bypass E-mail verification which is required for OAuth Flow.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-08-10T18:55:22.000000Z"}]}