Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2020-26406

Certain SAST CiConfiguration information could be viewed by unauthorized users in GitLab EE starting with 13.3. This information was exposed through GraphQL to non-members of public projects with repository visibility restricted as well as guest members on private projects. Affected versions are: >=13.3, <13.3.9,>=13.4, <13.4.5,>=13.5, <13.5.2.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.4%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
Products affected by CVE-2020-26406
  • Gitlab » Gitlab » Version: 13.3.0
    cpe:2.3:a:gitlab:gitlab:13.3.0
  • Gitlab » Gitlab » Version: 13.3.1
    cpe:2.3:a:gitlab:gitlab:13.3.1
  • Gitlab » Gitlab » Version: 13.3.2
    cpe:2.3:a:gitlab:gitlab:13.3.2
  • Gitlab » Gitlab » Version: 13.3.4
    cpe:2.3:a:gitlab:gitlab:13.3.4
  • Gitlab » Gitlab » Version: 13.3.5
    cpe:2.3:a:gitlab:gitlab:13.3.5
  • Gitlab » Gitlab » Version: 13.3.6
    cpe:2.3:a:gitlab:gitlab:13.3.6
  • Gitlab » Gitlab » Version: 13.3.7
    cpe:2.3:a:gitlab:gitlab:13.3.7
  • Gitlab » Gitlab » Version: 13.3.8
    cpe:2.3:a:gitlab:gitlab:13.3.8
  • Gitlab » Gitlab » Version: 13.4.0
    cpe:2.3:a:gitlab:gitlab:13.4.0
  • Gitlab » Gitlab » Version: 13.4.1
    cpe:2.3:a:gitlab:gitlab:13.4.1
  • Gitlab » Gitlab » Version: 13.4.2
    cpe:2.3:a:gitlab:gitlab:13.4.2
  • Gitlab » Gitlab » Version: 13.4.3
    cpe:2.3:a:gitlab:gitlab:13.4.3
  • Gitlab » Gitlab » Version: 13.4.4
    cpe:2.3:a:gitlab:gitlab:13.4.4
  • Gitlab » Gitlab » Version: 13.5.0
    cpe:2.3:a:gitlab:gitlab:13.5.0
  • Gitlab » Gitlab » Version: 13.5.1
    cpe:2.3:a:gitlab:gitlab:13.5.1


Products
Pricing
Contact Us

Shodan ® - All rights reserved