CVE-2020-26409

Опубликовано: 11 дек. 2020

Источник: debian

EPSS Низкий

Описание

A DOS vulnerability exists in Gitlab CE/EE >=10.3, <13.4.7,>=13.5, <13.5.5,>=13.6, <13.6.2 that allows an attacker to trigger uncontrolled resource by bypassing input validation in markdown fields.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
gitlab	fixed	13.4.7-1		package

Примечания

https://about.gitlab.com/releases/2020/12/07/security-release-gitlab-13-6-2-released/

EPSS

Процентиль: 38%

0.00169

Низкий

Связанные уязвимости

CVE-2020-26409

CVSS3: 4.3

ubuntu

около 5 лет назад

A DOS vulnerability exists in Gitlab CE/EE >=10.3, <13.4.7,>=13.5, <13.5.5,>=13.6, <13.6.2 that allows an attacker to trigger uncontrolled resource by bypassing input validation in markdown fields.

CVE-2020-26409

CVSS3: 4.3

nvd

около 5 лет назад

A DOS vulnerability exists in Gitlab CE/EE >=10.3, <13.4.7,>=13.5, <13.5.5,>=13.6, <13.6.2 that allows an attacker to trigger uncontrolled resource by bypassing input validation in markdown fields.

GHSA-3jr7-57xj-6hhm

github

больше 3 лет назад

A DOS vulnerability exists in Gitlab CE/EE >=10.3, <13.4.7,>=13.5, <13.5.5,>=13.6, <13.6.2 that allows an attacker to trigger uncontrolled resource by bypassing input validation in markdown fields.

EPSS

Процентиль: 38%

0.00169

Низкий