CVE Vulnerabilities

CVE-2020-13274

Published: Jun 19, 2020 | Modified: Jul 21, 2021
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

A security issue allowed achieving Denial of Service attacks through memory exhaustion by uploading malicious artifacts in all previous GitLab versions through 13.0.1

Affected Software

Name Vendor Start Version End Version
Gitlab Gitlab * 12.9.8 (excluding)
Gitlab Gitlab 12.10.0 (including) 12.10.7 (excluding)
Gitlab Gitlab 13.0.0 (including) 13.0.0 (including)
Gitlab Ubuntu esm-apps/xenial *
Gitlab Ubuntu xenial *

References