CVE-2020-13327

gitlab-org/cves

on gitlab

gitlab-org/gitlab-runner

on gitlab

Published

October 22, 2020

Severity

CVSS v3:

7.5 HIGH

CVSS v2:

6 MEDIUM

Description

An issue has been discovered in GitLab Runner affecting all versions starting from 13.4.0 before 13.4.2, all versions starting from 13.3.0 before 13.3.7, all versions starting from 13.2.0 before 13.2.10. Insecure Runner Configuration in Kubernetes Environments

References

https://gitlab.com/gitlab-org/gitlab-runner/-/issues/26833
https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13327.json

Configurations

CPE23	Version Start	Version End	Exact Version
cpe:2.3:a:gitlab:runner::::::::	13.3.0 (including)	13.3.7	*
cpe:2.3:a:gitlab:runner::::::::	13.4.0 (including)	13.4.2	*
cpe:2.3:a:gitlab:runner::::::::	13.2.0 (including)	13.2.10	*

External Links

NVD - CVE-2020-13327