CVE-2020-26409

Sažetak

A DOS vulnerability exists in Gitlab CE/EE >=10.3, <13.4.7,>=13.5, <13.5.5,>=13.6, <13.6.2 that allows an attacker to trigger uncontrolled resource by bypassing input validation in markdown fields.

Reference

https://gitlab.com/gitlab-org/gitlab/-/issues/259626
https://hackerone.com/reports/990461
https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-26409.json

CVSS

Base:	4.0
Impact:	2.9
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:N/AC:L/Au:S/C:N/I:N/A:P

Zadnje važnije ažuriranje

21-07-2021 - 11:39

Objavljeno

11-12-2020 - 02:15