Candidate: CVE-2020-13306
PublicDate: 2020-09-14 22:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13306
 https://about.gitlab.com/releases/2020/09/02/security-release-gitlab-13-3-3-released/
Description:
 A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8
 and 13.3.4. GitLab Webhook feature could be abused to perform denial of
 service attacks due to the lack of rate limitation.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H [7.5 HIGH]


Patches_gitlab:
upstream_gitlab: released (13.2.8-1)
precise/esm_gitlab: DNE
trusty_gitlab: DNE
trusty/esm_gitlab: DNE
xenial_gitlab: ignored (end of standard support, was needs-triage)
bionic_gitlab: DNE
focal_gitlab: DNE
groovy_gitlab: DNE
hirsute_gitlab: DNE
impish_gitlab: DNE
jammy_gitlab: DNE
devel_gitlab: DNE