CVE-2020-13270

Опубликовано: 10 июн. 2020

Источник: debian

EPSS Низкий

Описание

Missing permission check on fork relation creation in GitLab CE/EE 11.3 and later through 13.0.1 allows guest users to create a fork relation on restricted public projects via API

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
gitlab	fixed	13.2.3-2		package

Примечания

https://about.gitlab.com/releases/2020/05/27/security-release-13-0-1-released/

EPSS

Процентиль: 45%

0.00217

Низкий

Связанные уязвимости

CVE-2020-13270

CVSS3: 7.5

ubuntu

около 5 лет назад

Missing permission check on fork relation creation in GitLab CE/EE 11.3 and later through 13.0.1 allows guest users to create a fork relation on restricted public projects via API

CVE-2020-13270

CVSS3: 7.5

nvd

около 5 лет назад

Missing permission check on fork relation creation in GitLab CE/EE 11.3 and later through 13.0.1 allows guest users to create a fork relation on restricted public projects via API

GHSA-wgh9-p42c-pq7h

CVSS3: 8.8

github

около 3 лет назад

Missing permission check on fork relation creation in GitLab CE/EE 11.3 and later through 13.0.1 allows guest users to create a fork relation on restricted public projects via API

EPSS

Процентиль: 45%

0.00217

Низкий