Опубликовано: 24 мар. 2018
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 7.5
CVSS3: 9.8
Описание
The Auth0 integration in GitLab before 10.3.9, 10.4.x before 10.4.6, and 10.5.x before 10.5.6 has an incorrect omniauth-auth0 configuration, leading to signing in unintended users.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-apps/xenial | ignored | not maintainable |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE |
Показывать по
10
EPSS
Процентиль: 39%
0.00172
Низкий
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
CVSS3: 9.8
nvd
больше 7 лет назад
The Auth0 integration in GitLab before 10.3.9, 10.4.x before 10.4.6, and 10.5.x before 10.5.6 has an incorrect omniauth-auth0 configuration, leading to signing in unintended users.
CVSS3: 9.8
debian
больше 7 лет назад
The Auth0 integration in GitLab before 10.3.9, 10.4.x before 10.4.6, a ...
CVSS3: 9.8
github
около 3 лет назад
The Auth0 integration in GitLab before 10.3.9, 10.4.x before 10.4.6, and 10.5.x before 10.5.6 has an incorrect omniauth-auth0 configuration, leading to signing in unintended users.
EPSS
Процентиль: 39%
0.00172
Низкий
7.5 High
CVSS2
9.8 Critical
CVSS3