CVE-2020-10535

Опубликовано: 12 мар. 2020

Источник: debian

EPSS Низкий

Описание

GitLab 12.8.x before 12.8.6, when sign-up is enabled, allows remote attackers to bypass email domain restrictions within the two-day grace period for an unconfirmed email address.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
gitlab	not-affected			package

Примечания

https://about.gitlab.com/releases/2020/03/11/critical-security-release-gitlab-12-dot-8-dot-6-released/

EPSS

Процентиль: 38%

0.00164

Низкий

Связанные уязвимости

CVE-2020-10535

CVSS3: 5.3

ubuntu

почти 6 лет назад

GitLab 12.8.x before 12.8.6, when sign-up is enabled, allows remote attackers to bypass email domain restrictions within the two-day grace period for an unconfirmed email address.

CVE-2020-10535

CVSS3: 5.3

nvd

почти 6 лет назад

GitLab 12.8.x before 12.8.6, when sign-up is enabled, allows remote attackers to bypass email domain restrictions within the two-day grace period for an unconfirmed email address.

GHSA-h3v8-2pff-ph95

CVSS3: 5.3

github

больше 3 лет назад

GitLab 12.8.x before 12.8.6, when sign-up is enabled, allows remote attackers to bypass email domain restrictions within the two-day grace period for an unconfirmed email address.

EPSS

Процентиль: 38%

0.00164

Низкий