gitaly 13.5.0.pre.rc1

1 security vulnerability found in version 13.5.0.pre.rc1

Gitaly Insufficient Session Expiration vulnerability

low severity CVE-2020-13353
low severity CVE-2020-13353
Patched versions: ~> 13.3.9, ~> 13.4.5, >= 13.5.2
Unaffected versions: < 1.79.0

When importing repos via URL, one time use git credentials were persisted beyond the expected time window in Gitaly 1.79.0 or above. Affected versions are:

=1.79.0, <13.3.9,>=13.4, <13.4.5,>=13.5, <13.5.2.

No officially reported memory leakage issues detected.


This gem version does not have any officially reported memory leaked issues.

No license issues detected.


This gem version has a license in the gemspec.

This gem version is available.


This gem version has not been yanked and is still available for usage.