Описание
All versions of GitLab CE/EE starting from 12.8 before 13.10.5, all versions starting from 13.11 before 13.11.5, and all versions starting from 13.12 before 13.12.2 were affected by an issue in the handling of x509 certificates that could be used to spoof author of signed commits.
Ссылки
- Vendor Advisory
- Broken Link
- Permissions RequiredThird Party Advisory
- Vendor Advisory
- Broken Link
- Permissions RequiredThird Party Advisory
Уязвимые конфигурации
Одно из
EPSS
2.6 Low
CVSS3
4 Medium
CVSS2
Дефекты
Связанные уязвимости
All versions of GitLab CE/EE starting from 12.8 before 13.10.5, all versions starting from 13.11 before 13.11.5, and all versions starting from 13.12 before 13.12.2 were affected by an issue in the handling of x509 certificates that could be used to spoof author of signed commits.
All versions of GitLab CE/EE starting from 12.8 before 13.10.5, all ve ...
All versions of GitLab CE/EE starting with 12.8 were affected by an issue in the handling of x509 certificates that could be used to spoof author of signed commits.
Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связанная с ошибками процедуры подтверждения подлинности сертификата, позволяющая нарушителю оказать воздействие на целостность данных
EPSS
2.6 Low
CVSS3
4 Medium
CVSS2