GitLab Community Edition/Enterprise Edition up to 13.0.1 memory allocation

entryeditHistoryDiffjsonxmlCTI

A vulnerability, which was classified as problematic, was found in GitLab Community Edition and Enterprise Edition up to 13.0.1 (Bug Tracking Software). Affected is an unknown part. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Field06/21/2020 10:18 AM10/26/2020 09:20 AM10/26/2020 09:23 AM
vendorGitLabGitLabGitLab
nameCommunity Edition/Enterprise EditionCommunity Edition/Enterprise EditionCommunity Edition/Enterprise Edition
version<=13.0.1<=13.0.1<=13.0.1
risk111
cvss2_vuldb_basescore4.34.34.3
cvss2_vuldb_tempscore4.34.34.3
cvss2_vuldb_avNNN
cvss2_vuldb_acMMM
cvss2_vuldb_auNNN
cvss2_vuldb_ciNNN
cvss2_vuldb_iiNNN
cvss2_vuldb_aiPPP
cvss3_meta_basescore6.46.46.4
cvss3_meta_tempscore6.46.46.4
cvss3_vuldb_basescore5.35.35.3
cvss3_vuldb_tempscore5.35.35.3
cvss3_vuldb_avNNN
cvss3_vuldb_acLLL
cvss3_vuldb_prNNN
cvss3_vuldb_uiNNN
cvss3_vuldb_sUUU
cvss3_vuldb_cNNN
cvss3_vuldb_iNNN
cvss3_vuldb_aLLL
date1592524800 (06/19/2020)1592524800 (06/19/2020)1592524800 (06/19/2020)
urlhttps://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13274.jsonhttps://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13274.jsonhttps://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13274.json
price_0day$0-$5k$0-$5k$0-$5k
cveCVE-2020-13274CVE-2020-13274CVE-2020-13274
seealso157065 157064 157061 157060 157059 157058157065 157064 157061 157060 157059 157058157065 157064 157061 157060 157059 157058
locationWebsiteWebsiteWebsite
cvss2_vuldb_eNDNDND
cvss2_vuldb_rlNDNDND
cvss2_vuldb_rcNDNDND
cvss3_vuldb_eXXX
cvss3_vuldb_rlXXX
cvss3_vuldb_rcXXX
cvss3_nvd_basescore7.57.57.5
typeBug Tracking SoftwareBug Tracking SoftwareBug Tracking Software
cvss3_nvd_avNNN
cvss3_nvd_acLLL
cvss3_nvd_prNNN
cvss3_nvd_uiNNN
cvss3_nvd_sUUU
cvss3_nvd_cNNN
cvss3_nvd_iNNN
cvss3_nvd_aHHH
cve_assigned159001920015900192001590019200
cve_nvd_summaryA security issue allowed achieving Denial of Service attacks through memory exhaustion by uploading malicious artifacts in all previous GitLab versions through 13.0.1A security issue allowed achieving Denial of Service attacks through memory exhaustion by uploading malicious artifacts in all previous GitLab versions through 13.0.1A security issue allowed achieving Denial of Service attacks through memory exhaustion by uploading malicious artifacts in all previous GitLab versions through 13.0.1
cwe789 (denial of service)789 (denial of service)789 (denial of service)
confirm_urlhttps://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13274.jsonhttps://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13274.json
cve_cnaGitLab Inc.

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!