CVE-2020-13295
HIGH8.8EPSS 0.20%發布日:2024/3/6修改日:2025/4/3
描述
For GitLab Runner before 13.0.12, 13.1.6, 13.2.3, by replacing dockerd with a malicious server, the Shared Runner is susceptible to SSRF.
受影響套件(1)
- Bitnami/gitlab-runner>= 1.0.0, < 13.0.12, >= 13.1.0, < 13.1.6, >= 13.2.0, < 13.2.3
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH8.8 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |