CVE-2020-13327

EPSS 0.11%
Published 22.10.2020 21:15:12
Last modified 21.11.2024 05:01:02
Source cve@gitlab.com
Teams watchlist Login
Open Login

An issue has been discovered in GitLab Runner affecting all versions starting from 13.4.0 before 13.4.2, all versions starting from 13.3.0 before 13.3.7, all versions starting from 13.2.0 before 13.2.10. Insecure Runner Configuration in Kubernetes Environments

Affected products Warnungen 0 Metrics 4 CWE 0 References 5

Data is provided by the National Vulnerability Database (NVD)

Gitlab ≫ Runner Version >= 13.2.0 < 13.2.10

Gitlab ≫ Runner Version >= 13.3.0 < 13.3.7

Gitlab ≫ Runner Version >= 13.4.0 < 13.4.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.11%	0.257

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	1.6	5.9	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	6	6.8	6.4	AV:N/AC:M/Au:S/C:P/I:P/A:P
cve@gitlab.com	6	1.8	3.7	CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L

https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13327.json

Vendor Advisory

https://gitlab.com/gitlab-org/gitlab-runner/-/issues/26833

Vendor Advisory

Broken Link

Issue Tracking

https://nvd.nist.gov/vuln/detail/CVE-2020-13327

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-13327

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-13327

EUVD