CVE-2020-13327Gitlab Runner vulnerability

5 documents5 sources
Severity
7.5HIGHNVD
CNA6.0
EPSS
0.1%
top 71.23%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Gitlab RunnerGitlab Runner
Timeline
PublishedOct 22
Latest updateMay 24

Description

An issue has been discovered in GitLab Runner affecting all versions starting from 13.4.0 before 13.4.2, all versions starting from 13.3.0 before 13.3.7, all versions starting from 13.2.0 before 13.2.10. Insecure Runner Configuration in Kubernetes Environments

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.6 | Impact: 5.9

Affected Packages2 packages

NVDgitlab/runner13.2.013.2.10+2
CVEListV5gitlab/gitlab_runner>=13.2.0, <13.2.10, >=13.3.0, <13.3.7, >=13.4.0, <13.4.2+2

🔴Vulnerability Details

3
GHSA
GHSA-rjrm-vx9g-7gr2: An issue has been discovered in GitLab Runner affecting all versions starting from 132022-05-24
OSV
CVE-2020-13327: An issue has been discovered in GitLab Runner affecting all versions starting from 132020-10-22
CVEList
CVE-2020-13327: An issue has been discovered in GitLab Runner affecting all versions starting from 132020-10-22

📋Vendor Advisories

1
GitLab
CVE-2020-13327: An issue has been discovered in GitLab Runner affecting all versions starting from 13.4.0 before 13.4.2, all versions starting from 13.3.0 before 13.32020-10-22
CVE-2020-13327 — Gitlab Runner vulnerability | cvebase