CVE-2020-13295
HIGH8.8EPSS 0.20%Published: 3/6/2024Modified: 4/3/2025
Description
For GitLab Runner before 13.0.12, 13.1.6, 13.2.3, by replacing dockerd with a malicious server, the Shared Runner is susceptible to SSRF.
Affected packages (1)
- Bitnami/gitlab-runner>= 1.0.0, < 13.0.12, >= 13.1.0, < 13.1.6, >= 13.2.0, < 13.2.3
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |