CVE-2020-13316

Опубликовано: 14 сент. 2020

Источник: debian

EPSS Низкий

Описание

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was not validating a Deploy-Token and allowed a disabled repository be accessible via a git command line.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
gitlab	fixed	13.2.8-1		package

Примечания

https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/

EPSS

Процентиль: 37%

0.00152

Низкий

Связанные уязвимости

CVE-2020-13316

CVSS3: 5.4

ubuntu

почти 5 лет назад

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was not validating a Deploy-Token and allowed a disabled repository be accessible via a git command line.

CVE-2020-13316

CVSS3: 5.4

nvd

почти 5 лет назад

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was not validating a Deploy-Token and allowed a disabled repository be accessible via a git command line.

GHSA-x8mp-jv75-5hrp

github

около 3 лет назад

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab was not validating a Deploy-Token and allowed a disabled repository be accessible via a git command line.

EPSS

Процентиль: 37%

0.00152

Низкий