CVE-2020-26412

Опубликовано: 11 дек. 2020

Источник: nvd

CVSS3: 3.1

CVSS3: 4.3

CVSS2: 4

EPSS Низкий

Описание

Removed group members were able to use the To-Do functionality to retrieve updated information on confidential epics starting in GitLab EE 13.2 before 13.6.2.

Ссылки

https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-26412.json
Vendor Advisory
https://gitlab.com/gitlab-org/gitlab/-/issues/228670
Broken Link
https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-26412.json
Vendor Advisory
https://gitlab.com/gitlab-org/gitlab/-/issues/228670
Broken Link

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*

Версия от 13.2.0 (включая) до 13.6.2 (исключая)

EPSS

Процентиль: 33%

0.00131

Низкий

3.1 Low

CVSS3

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

CVE-2020-26412

CVSS3: 3.1

ubuntu

около 5 лет назад

Removed group members were able to use the To-Do functionality to retrieve updated information on confidential epics starting in GitLab EE 13.2 before 13.6.2.

CVE-2020-26412

CVSS3: 3.1

debian

около 5 лет назад

Removed group members were able to use the To-Do functionality to retr ...

GHSA-66h6-4ppg-82p8

github

больше 3 лет назад

Removed group members were able to use the To-Do functionality to retrieve updated information on confidential epics starting in GitLab EE 13.2 before 13.6.2.

CVE-2021-27065

CVSS3: 7.8

msrc

почти 5 лет назад

Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2021-26858

CVSS3: 7.8

msrc

почти 5 лет назад

Microsoft Exchange Server Remote Code Execution Vulnerability

EPSS

Процентиль: 33%

0.00131

Низкий

3.1 Low

CVSS3

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

NVD-CWE-noinfo