exploitDog

CVE-2020-13292

Опубликовано: 10 авг. 2020

Источник: ubuntu

Приоритет: medium

CVSS2: 5.5

CVSS3: 9.6

Описание

In GitLab before 13.0.12, 13.1.6 and 13.2.3, it is possible to bypass E-mail verification which is required for OAuth Flow.

Релиз	Статус	Примечание
bionic	DNE
devel	DNE
esm-apps/xenial	ignored	not maintainable
esm-infra-legacy/trusty	DNE
esm-infra/focal	DNE
focal	DNE
groovy	DNE
hirsute	DNE
impish	DNE
jammy	DNE

Показывать по

Ссылки на источники

5.5 Medium

CVSS2

9.6 Critical

CVSS3

Связанные уязвимости

CVE-2020-13292

CVSS3: 9.6

nvd

больше 5 лет назад

In GitLab before 13.0.12, 13.1.6 and 13.2.3, it is possible to bypass E-mail verification which is required for OAuth Flow.

CVE-2020-13292

CVSS3: 9.6

debian

больше 5 лет назад

In GitLab before 13.0.12, 13.1.6 and 13.2.3, it is possible to bypass ...

GHSA-35pq-fvh7-h49r

github

больше 3 лет назад

In GitLab before 13.0.12, 13.1.6 and 13.2.3, it is possible to bypass E-mail verification which is required for OAuth Flow.

5.5 Medium

CVSS2

9.6 Critical

CVSS3