exploitDog

GHSA-857m-xj2v-vhp3

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

CSRF in runner administration page in all versions of GitLab CE/EE allows an attacker who's able to target GitLab instance administrators to pause/resume runners. Affected versions are >=13.5.0, <13.5.2,>=13.4.0, <13.4.5,<13.3.9.

CSRF in runner administration page in all versions of GitLab CE/EE allows an attacker who's able to target GitLab instance administrators to pause/resume runners. Affected versions are >=13.5.0, <13.5.2,>=13.4.0, <13.4.5,<13.3.9.

Ссылки

EPSS

Процентиль: 38%

0.0017

Низкий

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2020-13350

CVSS3: 3.1

ubuntu

около 5 лет назад

CSRF in runner administration page in all versions of GitLab CE/EE allows an attacker who's able to target GitLab instance administrators to pause/resume runners. Affected versions are >=13.5.0, <13.5.2,>=13.4.0, <13.4.5,<13.3.9.

CVE-2020-13350

CVSS3: 3.1

nvd

около 5 лет назад

CSRF in runner administration page in all versions of GitLab CE/EE allows an attacker who's able to target GitLab instance administrators to pause/resume runners. Affected versions are >=13.5.0, <13.5.2,>=13.4.0, <13.4.5,<13.3.9.

CVE-2020-13350

CVSS3: 3.1

debian

около 5 лет назад

CSRF in runner administration page in all versions of GitLab CE/EE all ...

EPSS

Процентиль: 38%

0.0017

Низкий

CVE ID

Дефекты

CWE-352