BIT-gitlab-2020-13306

See a problem?
Import Source
https://github.com/bitnami/vulndb/tree/main/data/gitlab/BIT-gitlab-2020-13306.json
JSON Data
https://api.test.osv.dev/v1/vulns/BIT-gitlab-2020-13306
Aliases
Published
2024-03-06T11:22:28.700Z
Modified
2024-11-27T19:40:48.342Z
Summary
[none]
Details

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. GitLab Webhook feature could be abused to perform denial of service attacks due to the lack of rate limitation.

Database specific
{
    "cpes": [
        "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
        "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*"
    ],
    "severity": "Low"
}
References

Affected packages

Bitnami / gitlab

Package

Name
gitlab
Purl
pkg:bitnami/gitlab

Severity

  • 3.7 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS Calculator

Affected ranges

Type
SEMVER
Events
Introduced
1.0.0
Fixed
13.1.10
Introduced
13.2.0
Fixed
13.2.8
Introduced
13.3.0
Fixed
13.3.4