GitLab Community Edition/Enterprise Edition up to 13.0.1 Email Verification privileges management

entryeditHistoryDiffjsonxmlCTI

A vulnerability classified as critical has been found in GitLab Community Edition and Enterprise Edition up to 13.0.1 (Bug Tracking Software). This affects an unknown function of the component Email Verification. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1056154310/26/2020VulD...cve_cnaGitLab Inc.nvd.nist.gov10/26/2020accepted70
1056154210/26/2020VulD...confirm_urlhttps://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13265.jsoncve.mitre.org10/26/2020accepted70
1018983606/21/2020VulD...cwe269 (privilege escalation)06/21/2020accepted90
1018983406/21/2020VulD...cve_nvd_summaryUser email verification bypass in GitLab CE/EE 12.5 and later through 13.0.1 allows user to bypass email verificationmitre.org06/21/2020accepted100
1018983306/21/2020VulD...cve_assigned1590019200mitre.org06/21/2020accepted100
1018982806/21/2020VulD...cvss3_nvd_aNnist.gov06/21/2020accepted100
1018982706/21/2020VulD...cvss3_nvd_iLnist.gov06/21/2020accepted100
1018982606/21/2020VulD...cvss3_nvd_cNnist.gov06/21/2020accepted100
1018982506/21/2020VulD...cvss3_nvd_sUnist.gov06/21/2020accepted100
1018982406/21/2020VulD...cvss3_nvd_uiRnist.gov06/21/2020accepted100
1018982306/21/2020VulD...cvss3_nvd_prNnist.gov06/21/2020accepted100
1018982206/21/2020VulD...cvss3_nvd_acLnist.gov06/21/2020accepted100
1018982106/21/2020VulD...cvss3_nvd_avNnist.gov06/21/2020accepted100
1018979506/21/2020VulD...typeBug Tracking Software06/21/2020accepted100
1018984406/21/2020VulD...cvss3_nvd_basescore4.3nist.gov06/21/2020accepted90
1018984306/21/2020VulD...cvss3_vuldb_rcX06/21/2020accepted90
1018984206/21/2020VulD...cvss3_vuldb_rlX06/21/2020accepted90
1018984106/21/2020VulD...cvss3_vuldb_eX06/21/2020accepted90
1018984006/21/2020VulD...cvss2_vuldb_rcND06/21/2020accepted90
1018983906/21/2020VulD...cvss2_vuldb_rlND06/21/2020accepted90

Do you need the next level of professionalism?

Upgrade your account now!