Lucene search
GitLabCVELIST:CVE-2020-13312HistorySep 14, 2020 - 7:44 p.m.
CVE-2020-13312
2020-09-1419:44:41
GitLab
www.cve.org
1
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
9.2 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
64.7%
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab OAuth endpoint was vulnerable to brute-force attacks through a specific parameter.
CNA Affected
[
{
"product": "GitLab",
"vendor": "GitLab",
"versions": [
{
"status": "affected",
"version": ">=7.7, <13.1.10"
},
{
"status": "affected",
"version": ">=13.2, <13.2.8"
},
{
"status": "affected",
"version": ">=13.3, <13.3.4"
}
]
}
]Related
debiancve
debiancve
CVE-2020-13312
2020-09-14 20:15:11
nessus
nessus
GitLab 7.7 < 13.1.10 / 13.2 < 13.2.8 / 13.3 < 13.3.4 (CVE-2020-13312)
2024-05-17 00:00:00
cve
cve
CVE-2020-13312
2020-09-14 20:15:11
osv
osv
CVE-2020-13312
2020-09-14 20:15:11
BIT-gitlab-2020-13312
2024-03-06 11:22:21
prion
prion
Design/Logic Flaw
2020-09-14 20:15:00
nvd
nvd
CVE-2020-13312
2020-09-14 20:15:11
ubuntucve
ubuntucve
CVE-2020-13312
2020-09-14 00:00:00
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
9.2 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
64.7%
Related for CVELIST:CVE-2020-13312