exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5 544

CVE-2020-13300

больше 5 лет назад

GitLab CE/EE version 13.3 prior to 13.3.4 was vulnerable to an OAuth authorization scope change without user consent in the middle of the authorization flow.

CVSS3: 8

EPSS: Низкий

CVE-2020-13300

больше 5 лет назад

GitLab CE/EE version 13.3 prior to 13.3.4 was vulnerable to an OAuth authorization scope change without user consent in the middle of the authorization flow.

CVSS3: 8

EPSS: Низкий

CVE-2020-13300

больше 5 лет назад

GitLab CE/EE version 13.3 prior to 13.3.4 was vulnerable to an OAuth a ...

CVSS3: 8

EPSS: Низкий

CVE-2020-13299

больше 5 лет назад

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. The revocation feature was not revoking all session tokens and one could re-use it to obtain a valid session.

CVSS3: 8.1

EPSS: Низкий

CVE-2020-13299

больше 5 лет назад

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. The revocation feature was not revoking all session tokens and one could re-use it to obtain a valid session.

CVSS3: 8.1

EPSS: Низкий

CVE-2020-13299

больше 5 лет назад

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...

CVSS3: 8.1

EPSS: Низкий

CVE-2020-13298

больше 5 лет назад

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Conan package upload functionality was not properly validating the supplied parameters, which resulted in the limited files disclosure.

CVSS3: 7.2

EPSS: Низкий

CVE-2020-13298

больше 5 лет назад

CVSS3: 7.2

EPSS: Низкий

CVE-2020-13298

больше 5 лет назад

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...

CVSS3: 7.2

EPSS: Низкий

CVE-2020-13297

больше 5 лет назад

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. When 2 factor authentication was enabled for groups, a malicious user could bypass that restriction by sending a specific query to the API endpoint.

CVSS3: 3.8

EPSS: Низкий

CVE-2020-13297

больше 5 лет назад

CVSS3: 3.8

EPSS: Низкий

CVE-2020-13297

больше 5 лет назад

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...

CVSS3: 3.8

EPSS: Низкий

CVE-2020-13296

больше 5 лет назад

An issue has been discovered in GitLab affecting versions >=10.7 <13.0.14, >=13.1.0 <13.1.8, >=13.2.0 <13.2.6. Improper Access Control for Deploy Tokens

CVSS3: 6.5

EPSS: Низкий

CVE-2020-13296

больше 5 лет назад

An issue has been discovered in GitLab affecting versions >=10.7 <13.0.14, >=13.1.0 <13.1.8, >=13.2.0 <13.2.6. Improper Access Control for Deploy Tokens

CVSS3: 6.5

EPSS: Низкий

CVE-2020-13296

больше 5 лет назад

An issue has been discovered in GitLab affecting versions >=10.7 <13.0 ...

CVSS3: 6.5

EPSS: Низкий

CVE-2020-13294

больше 5 лет назад

In GitLab before 13.0.12, 13.1.6 and 13.2.3, access grants were not revoked when a user revoked access to an application.

CVSS3: 4.2

EPSS: Низкий

CVE-2020-13294

больше 5 лет назад

In GitLab before 13.0.12, 13.1.6 and 13.2.3, access grants were not revoked when a user revoked access to an application.

CVSS3: 4.2

EPSS: Низкий

CVE-2020-13294

больше 5 лет назад

In GitLab before 13.0.12, 13.1.6 and 13.2.3, access grants were not re ...

CVSS3: 4.2

EPSS: Низкий

CVE-2020-13293

больше 5 лет назад

In GitLab before 13.0.12, 13.1.6 and 13.2.3 using a branch with a hexadecimal name could override an existing hash.

CVSS3: 6.3

EPSS: Низкий

CVE-2020-13293

больше 5 лет назад

In GitLab before 13.0.12, 13.1.6 and 13.2.3 using a branch with a hexadecimal name could override an existing hash.

CVSS3: 6.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2020-13300 GitLab CE/EE version 13.3 prior to 13.3.4 was vulnerable to an OAuth authorization scope change without user consent in the middle of the authorization flow.	CVSS3: 8	0% Низкий	больше 5 лет назад
CVE-2020-13300 GitLab CE/EE version 13.3 prior to 13.3.4 was vulnerable to an OAuth authorization scope change without user consent in the middle of the authorization flow.	CVSS3: 8	0% Низкий	больше 5 лет назад
CVE-2020-13300 GitLab CE/EE version 13.3 prior to 13.3.4 was vulnerable to an OAuth a ...	CVSS3: 8	0% Низкий	больше 5 лет назад
CVE-2020-13299 A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. The revocation feature was not revoking all session tokens and one could re-use it to obtain a valid session.	CVSS3: 8.1	0% Низкий	больше 5 лет назад
CVE-2020-13299 A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. The revocation feature was not revoking all session tokens and one could re-use it to obtain a valid session.	CVSS3: 8.1	0% Низкий	больше 5 лет назад
CVE-2020-13299 A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...	CVSS3: 8.1	0% Низкий	больше 5 лет назад
CVE-2020-13298 A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Conan package upload functionality was not properly validating the supplied parameters, which resulted in the limited files disclosure.	CVSS3: 7.2	0% Низкий	больше 5 лет назад
CVE-2020-13298 A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Conan package upload functionality was not properly validating the supplied parameters, which resulted in the limited files disclosure.	CVSS3: 7.2	0% Низкий	больше 5 лет назад
CVE-2020-13298 A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...	CVSS3: 7.2	0% Низкий	больше 5 лет назад
CVE-2020-13297 A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. When 2 factor authentication was enabled for groups, a malicious user could bypass that restriction by sending a specific query to the API endpoint.	CVSS3: 3.8	0% Низкий	больше 5 лет назад
CVE-2020-13297 A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. When 2 factor authentication was enabled for groups, a malicious user could bypass that restriction by sending a specific query to the API endpoint.	CVSS3: 3.8	0% Низкий	больше 5 лет назад
CVE-2020-13297 A vulnerability was discovered in GitLab versions before 13.1.10, 13.2 ...	CVSS3: 3.8	0% Низкий	больше 5 лет назад
CVE-2020-13296 An issue has been discovered in GitLab affecting versions >=10.7 <13.0.14, >=13.1.0 <13.1.8, >=13.2.0 <13.2.6. Improper Access Control for Deploy Tokens	CVSS3: 6.5	0% Низкий	больше 5 лет назад
CVE-2020-13296 An issue has been discovered in GitLab affecting versions >=10.7 <13.0.14, >=13.1.0 <13.1.8, >=13.2.0 <13.2.6. Improper Access Control for Deploy Tokens	CVSS3: 6.5	0% Низкий	больше 5 лет назад
CVE-2020-13296 An issue has been discovered in GitLab affecting versions >=10.7 <13.0 ...	CVSS3: 6.5	0% Низкий	больше 5 лет назад
CVE-2020-13294 In GitLab before 13.0.12, 13.1.6 and 13.2.3, access grants were not revoked when a user revoked access to an application.	CVSS3: 4.2	0% Низкий	больше 5 лет назад
CVE-2020-13294 In GitLab before 13.0.12, 13.1.6 and 13.2.3, access grants were not revoked when a user revoked access to an application.	CVSS3: 4.2	0% Низкий	больше 5 лет назад
CVE-2020-13294 In GitLab before 13.0.12, 13.1.6 and 13.2.3, access grants were not re ...	CVSS3: 4.2	0% Низкий	больше 5 лет назад
CVE-2020-13293 In GitLab before 13.0.12, 13.1.6 and 13.2.3 using a branch with a hexadecimal name could override an existing hash.	CVSS3: 6.3	0% Низкий	больше 5 лет назад
CVE-2020-13293 In GitLab before 13.0.12, 13.1.6 and 13.2.3 using a branch with a hexadecimal name could override an existing hash.	CVSS3: 6.3	0% Низкий	больше 5 лет назад

Уязвимостей на страницу