CVE-2020-13333

A potential DOS vulnerability was discovered in GitLab versions 13.1, 13.2 and 13.3. The api to update an asset as a link from a release had a regex check which caused exponential number of backtracks for certain user supplied values resulting in high CPU usage.

CVSS v3 4.3 MEDIUM
CVSS v2.0 4.0 MEDIUM

4.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

4.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:N/I:N/A:P

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13333.json	Third Party Advisory
https://gitlab.com/gitlab-org/gitlab/-/issues/218753	Broken Link
https://hackerone.com/reports/870820	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:gitlab:gitlab:13.1.0::::community:::
	cpe:2.3:a:gitlab:gitlab:13.1.0::::enterprise:::
	cpe:2.3:a:gitlab:gitlab:13.2.0::::community:::
	cpe:2.3:a:gitlab:gitlab:13.2.0::::enterprise:::
	cpe:2.3:a:gitlab:gitlab:13.3.0::::community:::
	cpe:2.3:a:gitlab:gitlab:13.3.0::::enterprise:::

History

No history.

Information

Published : 2020-10-06 19:15

Updated : 2024-02-28 18:08

NVD link : CVE-2020-13333

Mitre link : CVE-2020-13333

CVE.ORG link : CVE-2020-13333

JSON object : View

Products Affected

gitlab

gitlab

CWE

CWE-400

Uncontrolled Resource Consumption

{"id": "CVE-2020-13333", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "cve@gitlab.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2020-10-06T19:15:13.257", "references": [{"url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13333.json", "tags": ["Third Party Advisory"], "source": "cve@gitlab.com"}, {"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/218753", "tags": ["Broken Link"], "source": "cve@gitlab.com"}, {"url": "https://hackerone.com/reports/870820", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@gitlab.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-400"}]}], "descriptions": [{"lang": "en", "value": "A potential DOS vulnerability was discovered in GitLab versions 13.1, 13.2 and 13.3. The api to update an asset as a link from a release had a regex check which caused exponential number of backtracks for certain user supplied values resulting in high CPU usage."}, {"lang": "es", "value": "Se detect\u00f3 una potencial vulnerabilidad de DOS en GitLab versiones 13.1, 13.2 y 13.3. La API para actualizar un activo como un enlace desde una versi\u00f3n que ten\u00eda una comprobaci\u00f3n de expresiones regulares que caus\u00f3 un n\u00famero exponencial de retrocesos para determinados valores suministrados por el usuario, resultando en un alto uso de la CPU"}], "lastModified": "2020-10-29T20:15:48.197", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gitlab:gitlab:13.1.0:*:*:*:community:*:*:*", "vulnerable": true, "matchCriteriaId": "2FBE37DE-E9C5-40DC-8339-200551D68184"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:13.1.0:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "89B666E9-BE49-44A5-8FE0-1DF2A370A983"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:13.2.0:*:*:*:community:*:*:*", "vulnerable": true, "matchCriteriaId": "82900A58-AAF4-4D9C-A91A-3C86DE7A46F4"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:13.2.0:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "F7C9C545-5519-492A-81D7-AC1EC365167A"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:13.3.0:*:*:*:community:*:*:*", "vulnerable": true, "matchCriteriaId": "3A4E3640-AED5-4318-85B9-91F41264FB09"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:13.3.0:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "1CF330C9-F018-4F2C-B673-8A38B9434C99"}], "operator": "OR"}]}], "sourceIdentifier": "cve@gitlab.com"}