GitLab Community Edition/Enterprise Edition up to 13.0.1 memory allocation

entryeditHistoryDiffjsonxmlCTI

A vulnerability, which was classified as problematic, was found in GitLab Community Edition and Enterprise Edition up to 13.0.1 (Bug Tracking Software). Affected is an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field	06/21/2020 10:18 AM	10/26/2020 09:20 AM	10/26/2020 09:23 AM
vendor	GitLab	GitLab	GitLab
name	Community Edition/Enterprise Edition	Community Edition/Enterprise Edition	Community Edition/Enterprise Edition
version	<=13.0.1	<=13.0.1	<=13.0.1
risk	1	1	1
cvss2_vuldb_basescore	4.3	4.3	4.3
cvss2_vuldb_tempscore	4.3	4.3	4.3
cvss2_vuldb_av	N	N	N
cvss2_vuldb_ac	M	M	M
cvss2_vuldb_au	N	N	N
cvss2_vuldb_ci	N	N	N
cvss2_vuldb_ii	N	N	N
cvss2_vuldb_ai	P	P	P
cvss3_meta_basescore	6.4	6.4	6.4
cvss3_meta_tempscore	6.4	6.4	6.4
cvss3_vuldb_basescore	5.3	5.3	5.3
cvss3_vuldb_tempscore	5.3	5.3	5.3
cvss3_vuldb_av	N	N	N
cvss3_vuldb_ac	L	L	L
cvss3_vuldb_pr	N	N	N
cvss3_vuldb_ui	N	N	N
cvss3_vuldb_s	U	U	U
cvss3_vuldb_c	N	N	N
cvss3_vuldb_i	N	N	N
cvss3_vuldb_a	L	L	L
date	1592524800 (06/19/2020)	1592524800 (06/19/2020)	1592524800 (06/19/2020)
url	https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13274.json	https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13274.json	https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13274.json
price_0day	$0-$5k	$0-$5k	$0-$5k
cve	CVE-2020-13274	CVE-2020-13274	CVE-2020-13274
seealso	157065 157064 157061 157060 157059 157058	157065 157064 157061 157060 157059 157058	157065 157064 157061 157060 157059 157058
location	Website	Website	Website
cvss2_vuldb_e	ND	ND	ND
cvss2_vuldb_rl	ND	ND	ND
cvss2_vuldb_rc	ND	ND	ND
cvss3_vuldb_e	X	X	X
cvss3_vuldb_rl	X	X	X
cvss3_vuldb_rc	X	X	X
cvss3_nvd_basescore	7.5	7.5	7.5
type	Bug Tracking Software	Bug Tracking Software	Bug Tracking Software
cvss3_nvd_av	N	N	N
cvss3_nvd_ac	L	L	L
cvss3_nvd_pr	N	N	N
cvss3_nvd_ui	N	N	N
cvss3_nvd_s	U	U	U
cvss3_nvd_c	N	N	N
cvss3_nvd_i	N	N	N
cvss3_nvd_a	H	H	H
cve_assigned	1590019200	1590019200	1590019200
cve_nvd_summary	A security issue allowed achieving Denial of Service attacks through memory exhaustion by uploading malicious artifacts in all previous GitLab versions through 13.0.1	A security issue allowed achieving Denial of Service attacks through memory exhaustion by uploading malicious artifacts in all previous GitLab versions through 13.0.1	A security issue allowed achieving Denial of Service attacks through memory exhaustion by uploading malicious artifacts in all previous GitLab versions through 13.0.1
cwe	789 (denial of service)	789 (denial of service)	789 (denial of service)
confirm_url		https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13274.json	https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13274.json
cve_cna			GitLab Inc.

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!