CVE-2020-13274
published 2020-06-19CVE-2020-13274: A security issue allowed achieving Denial of Service attacks through memory exhaustion by uploading malicious artifacts in all previous GitLab versions through…
PriorityP434high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
1.15%
62.9th percentile
A security issue allowed achieving Denial of Service attacks through memory exhaustion by uploading malicious artifacts in all previous GitLab versions through 13.0.1
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | gitlab | < gitlab 13.2.3-2 (sid) | gitlab 13.2.3-2 (sid) |
| gitlab | gitlab | < 12.9.8 | 12.9.8 |
| gitlab | gitlab | — | — |
| gitlab | gitlab | — | — |
| gitlab | gitlab | — | — |
| gitlab | gitlab | — | — |
| gitlab | gitlab | — | — |
| gitlab | gitlab | >= 12.10.0 < 12.10.7 | 12.10.7 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv7.5HIGH
vendor_debian7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GitLab
CVE-2020-13274: A security issue allowed achieving Denial of Service attacks through memory exhaustion by uploading malicious artifacts in all previous GitLab version
vendor_gitlab·2020-06-19·CVSS 7.5
CVE-2020-13274 [HIGH] CVE-2020-13274: A security issue allowed achieving Denial of Service attacks through memory exhaustion by uploading malicious artifacts in all previous GitLab version
CVE-2020-13274: A security issue allowed achieving Denial of Service attacks through memory exhaustion by uploading malicious artifacts in all previous GitLab versions through 13.0.1
Debian
CVE-2020-13274: gitlab - A security issue allowed achieving Denial of Service attacks through memory exha...
vendor_debian·2020·CVSS 7.5
CVE-2020-13274 [HIGH] CVE-2020-13274: gitlab - A security issue allowed achieving Denial of Service attacks through memory exha...
A security issue allowed achieving Denial of Service attacks through memory exhaustion by uploading malicious artifacts in all previous GitLab versions through 13.0.1
Scope: local
sid: resolved (fixed in 13.2.3-2)
GHSA
GHSA-p7jp-3g8m-8m7m: A security issue allowed achieving Denial of Service attacks through memory exhaustion by uploading malicious artifacts in all previous GitLab version
ghsa_unreviewed·2022-05-24
CVE-2020-13274 [MEDIUM] CWE-400 GHSA-p7jp-3g8m-8m7m: A security issue allowed achieving Denial of Service attacks through memory exhaustion by uploading malicious artifacts in all previous GitLab version
A security issue allowed achieving Denial of Service attacks through memory exhaustion by uploading malicious artifacts in all previous GitLab versions through 13.0.1
OSV
CVE-2020-13274: A security issue allowed achieving Denial of Service attacks through memory exhaustion by uploading malicious artifacts in all previous GitLab version
osv·2020-06-19·CVSS 7.5
CVE-2020-13274 [HIGH] CVE-2020-13274: A security issue allowed achieving Denial of Service attacks through memory exhaustion by uploading malicious artifacts in all previous GitLab version
A security issue allowed achieving Denial of Service attacks through memory exhaustion by uploading malicious artifacts in all previous GitLab versions through 13.0.1
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2020-06-19
Published