Vulnerabilities > CVE-2019-20142 - Unspecified vulnerability in Gitlab

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

LOW

network

low complexity

nessus

NVD

Published: 2020-01-13

Updated: 2020-08-24

Summary

An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 12.3 through 12.6.1. It allows Denial of Service.

Part	Description	Count
Application	Gitlab Gitlab Gitlab 12.3.0 Gitlab Gitlab 12.3.1 Gitlab Gitlab 12.3.2 Gitlab Gitlab 12.3.3 Gitlab Gitlab 12.3.4 Gitlab Gitlab 12.3.5 Gitlab Gitlab 12.3.6 Gitlab Gitlab 12.3.7 Gitlab Gitlab 12.3.8 Gitlab Gitlab 12.3.9 Gitlab Gitlab 12.4.0 Gitlab Gitlab 12.4.1 Gitlab Gitlab 12.4.2 Gitlab Gitlab 12.4.3 Gitlab Gitlab 12.4.4 Gitlab Gitlab 12.4.6 Gitlab Gitlab 12.4.7 Gitlab Gitlab 12.4.8 Gitlab Gitlab 12.5.0 Gitlab Gitlab 12.5.1 Gitlab Gitlab 12.5.2 Gitlab Gitlab 12.5.3 Gitlab Gitlab 12.5.4 Gitlab Gitlab 12.5.5 Gitlab Gitlab 12.5.6 Gitlab Gitlab 12.5.7 Gitlab Gitlab 12.5.8 Gitlab Gitlab 12.5.9 Gitlab Gitlab 12.5.10 Gitlab Gitlab 12.6.0 Gitlab Gitlab 12.6.1 Gitlab Gitlab 12.4.5	62

NASL family	FreeBSD Local Security Checks
NASL id	FREEBSD_PKG_01BDE18A2E0911EAA935001B217B3468.NASL
description	SO-AND-SO reports : Group Maintainers Can Update/Delete Group Runners Using API GraphQL Queries Can Hang the Application Unauthorized Users Have Access to Milestones of Releases Private Group Name Revealed Through Protected Tags API Users Can Publish Reviews on Locked Merge Requests DoS in the Issue and Commit Comments Pages Project Name Disclosed Through Unsubscribe Link Private Project Name Disclosed Through Notification Settings
last seen	2020-06-01
modified	2020-06-02
plugin id	132665
published	2020-01-06
reporter	This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/132665
title	FreeBSD : Gitlab -- Multiple Vulnerabilities (01bde18a-2e09-11ea-a935-001b217b3468)