{"id": "CVE-2020-13335", "bulletinFamily": "NVD", "title": "CVE-2020-13335", "description": "Improper group membership validation when deleting a user account in GitLab >=7.12 allows a user to delete own account without deleting/transferring their group.", "published": "2020-10-07T14:15:00", "modified": "2021-07-21T11:39:00", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-13335", "reporter": "cve@gitlab.com", "references": ["https://hackerone.com/reports/503823", "https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13335.json", "https://gitlab.com/gitlab-org/gitlab/-/issues/27231"], "cvelist": ["CVE-2020-13335"], "type": "cve", "lastseen": "2021-08-04T16:55:03", "edition": 8, "viewCount": 25, "enchantments": {"dependencies": {"references": [{"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-13335"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-13335"]}, {"type": "freebsd", "idList": ["A3495E61-047F-11EB-86EA-001B217B3468"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_A3495E61047F11EB86EA001B217B3468.NASL"]}], "modified": "2021-08-04T16:55:03", "rev": 2}, "score": {"value": 5.2, "vector": "NONE", "modified": "2021-08-04T16:55:03", "rev": 2}, "vulnersScore": 5.2}, "cpe": [], "affectedSoftware": [{"cpeName": "gitlab:gitlab", "name": "gitlab", "operator": "lt", "version": "13.2.10"}, {"cpeName": "gitlab:gitlab", "name": "gitlab", "operator": "lt", "version": "13.2.10"}, {"cpeName": "gitlab:gitlab", "name": "gitlab", "operator": "lt", "version": "13.3.7"}, {"cpeName": "gitlab:gitlab", "name": "gitlab", "operator": "lt", "version": "13.3.7"}, {"cpeName": "gitlab:gitlab", "name": "gitlab", "operator": "lt", "version": "13.4.2"}, {"cpeName": "gitlab:gitlab", "name": "gitlab", "operator": "lt", "version": "13.4.2"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:a:gitlab:gitlab:13.3.7:*:*:*:enterprise:*:*:*", "cpe_name": [], "versionEndExcluding": "13.3.7", "versionStartIncluding": "13.3.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gitlab:gitlab:13.4.2:*:*:*:community:*:*:*", "cpe_name": [], "versionEndExcluding": "13.4.2", "versionStartIncluding": "13.4.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gitlab:gitlab:13.4.2:*:*:*:enterprise:*:*:*", "cpe_name": [], "versionEndExcluding": "13.4.2", "versionStartIncluding": "13.4.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gitlab:gitlab:13.2.10:*:*:*:community:*:*:*", "cpe_name": [], "versionEndExcluding": "13.2.10", "versionStartIncluding": "7.12.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gitlab:gitlab:13.3.7:*:*:*:community:*:*:*", "cpe_name": [], "versionEndExcluding": "13.3.7", "versionStartIncluding": "13.3.0", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:gitlab:gitlab:13.2.10:*:*:*:enterprise:*:*:*", "cpe_name": [], "versionEndExcluding": "13.2.10", "versionStartIncluding": "7.12.0", "vulnerable": true}], "operator": "OR"}]}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4}, "cpe23": [], "cwe": ["CWE-863"], "scheme": null, "extraReferences": [{"name": "https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13335.json", "refsource": "CONFIRM", "tags": ["Vendor Advisory"], "url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13335.json"}, {"name": "https://hackerone.com/reports/503823", "refsource": "MISC", "tags": ["Third Party Advisory", "Permissions Required"], "url": "https://hackerone.com/reports/503823"}, {"name": "https://gitlab.com/gitlab-org/gitlab/-/issues/27231", "refsource": "MISC", "tags": ["Broken Link", "Vendor Advisory"], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/27231"}], "immutableFields": []}

{"debiancve": [{"id": "DEBIANCVE:CVE-2020-13335", "vendorId": null, "hash": "79e1fe834cc6ce4938c8bc4841d5e863", "type": "debiancve", "bulletinFamily": "info", "title": "CVE-2020-13335", "description": "Improper group membership validation when deleting a user account in GitLab >=7.12 allows a user to delete own account without deleting/transferring their group.", "published": "2020-05-21T00:00:00", "modified": "2020-05-21T00:00:00", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4}, "href": "https://security-tracker.debian.org/tracker/CVE-2020-13335", "reporter": "Debian Security Bug Tracker", "references": [], "cvelist": ["CVE-2020-13335"], "immutableFields": [], "lastseen": "2021-11-29T13:54:32", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "ubuntucve", "idList": ["UB:CVE-2020-13335"]}, {"type": "cve", "idList": ["CVE-2020-13335"]}, {"type": "freebsd", "idList": ["A3495E61-047F-11EB-86EA-001B217B3468"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_A3495E61047F11EB86EA001B217B3468.NASL"]}], "modified": "2021-11-29T13:54:32", "rev": 2}, "score": {"value": 5.6, "vector": "NONE", "modified": "2021-11-29T13:54:32", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "Debian", "OSVersion": "999", "arch": "all", "packageFilename": "gitlab_13.4.7-2_all.deb", "packageVersion": "13.4.7-2", "operator": "lt", "status": "resolved", "packageName": "gitlab"}], "_object_type": "robots.models.debiancve.DebianCveBulletin", "_object_types": ["robots.models.debiancve.DebianCveBulletin", "robots.models.base.Bulletin"]}], "ubuntucve": [{"id": "UB:CVE-2020-13335", "vendorId": null, "hash": "62aa734a8e285807d99a99efc75b3150", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2020-13335", "description": "Improper group membership validation when deleting a user account in GitLab\n>=7.12 allows a user to delete own account without deleting/transferring\ntheir group.", "published": "2020-10-07T00:00:00", "modified": "2020-10-07T00:00:00", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4}, "href": "https://ubuntu.com/security/CVE-2020-13335", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13335", "https://nvd.nist.gov/vuln/detail/CVE-2020-13335", "https://launchpad.net/bugs/cve/CVE-2020-13335", "https://security-tracker.debian.org/tracker/CVE-2020-13335"], "cvelist": ["CVE-2020-13335"], "immutableFields": [], "lastseen": "2021-11-22T21:24:39", "history": [{"bulletin": {"id": "UB:CVE-2020-13335", "vendorId": null, "hash": "8ebecce51a1cb00437a9c2c3d181d1b9", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2020-13335", "description": "Improper group membership validation when deleting a user account in GitLab\n>=7.12 allows a user to delete own account without deleting/transferring\ntheir group.", "published": "2020-10-07T00:00:00", "modified": "2020-10-07T00:00:00", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}, "cvss2": {}, "cvss3": {}, "href": "https://ubuntu.com/security/CVE-2020-13335", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13335", "https://nvd.nist.gov/vuln/detail/CVE-2020-13335", "https://launchpad.net/bugs/cve/CVE-2020-13335", "https://security-tracker.debian.org/tracker/CVE-2020-13335"], "cvelist": ["CVE-2020-13335"], "immutableFields": [], "lastseen": "2021-06-30T21:33:45", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2020-13335"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_A3495E61047F11EB86EA001B217B3468.NASL"]}, {"type": "freebsd", "idList": ["A3495E61-047F-11EB-86EA-001B217B3468"]}], "modified": "2021-06-30T21:33:45", "rev": 2}, "score": {"value": 5.6, "vector": "NONE", "modified": "2021-06-30T21:33:45", "rev": 2}}, "objectVersion": "1.5", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "gitlab"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "gitlab"}], "bugs": []}, "lastseen": "2021-06-30T21:33:45", "differentElements": ["cvss2", "cvss3"], "edition": 1}, {"bulletin": {"id": "UB:CVE-2020-13335", "vendorId": null, "hash": "7a165a9a7bfdd492dbfb85a66677d5e6", "type": "ubuntucve", "bulletinFamily": "info", "title": "CVE-2020-13335", "description": "Improper group membership validation when deleting a user account in GitLab\n>=7.12 allows a user to delete own account without deleting/transferring\ntheir group.", "published": "2020-10-07T00:00:00", "modified": "2020-10-07T00:00:00", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4}, "href": "https://ubuntu.com/security/CVE-2020-13335", "reporter": "ubuntu.com", "references": ["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13335", "https://nvd.nist.gov/vuln/detail/CVE-2020-13335", "https://launchpad.net/bugs/cve/CVE-2020-13335", "https://security-tracker.debian.org/tracker/CVE-2020-13335"], "cvelist": ["CVE-2020-13335"], "immutableFields": [], "lastseen": "2021-07-30T21:41:19", "history": [], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2020-13335"]}, {"type": "freebsd", "idList": ["A3495E61-047F-11EB-86EA-001B217B3468"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_A3495E61047F11EB86EA001B217B3468.NASL"]}], "modified": "2021-07-30T21:41:19", "rev": 2}, "score": {"value": 5.6, "vector": "NONE", "modified": "2021-07-30T21:41:19", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "gitlab"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "packageName": "gitlab"}], "bugs": []}, "lastseen": "2021-07-30T21:41:19", "differentElements": ["affectedPackage"], "edition": 2}], "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-13335"]}, {"type": "cve", "idList": ["CVE-2020-13335"]}, {"type": "freebsd", "idList": ["A3495E61-047F-11EB-86EA-001B217B3468"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_A3495E61047F11EB86EA001B217B3468.NASL"]}], "modified": "2021-11-22T21:24:39", "rev": 2}, "score": {"value": 5.6, "vector": "NONE", "modified": "2021-11-22T21:24:39", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "ubuntu", "OSVersion": "Upstream", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "needs triage", "packageName": "gitlab"}, {"OS": "ubuntu", "OSVersion": "16.04", "arch": "noarch", "packageVersion": "any", "packageFilename": "UNKNOWN", "operator": "lt", "status": "ignored", "packageName": "gitlab"}], "bugs": [], "_object_type": "robots.models.ubuntucve.UbuntuCVEBulletin", "_object_types": ["robots.models.ubuntucve.UbuntuCVEBulletin", "robots.models.base.Bulletin"]}], "nessus": [{"id": "FREEBSD_PKG_A3495E61047F11EB86EA001B217B3468.NASL", "hash": "b2b7d1e065aeb49aa71f43e77ac65d98", "type": "nessus", "bulletinFamily": "scanner", "title": "FreeBSD : Gitlab -- multiple vulnerabilities (a3495e61-047f-11eb-86ea-001b217b3468)", "description": "Gitlab reports :\n\nPotential Denial Of Service Via Update Release Links API\n\nInsecure Storage of Session Key In Redis\n\nImproper Access Expiration Date Validation\n\nCross-Site Scripting in Multiple Pages\n\nUnauthorized Users Can View Custom Project Template\n\nCross-Site Scripting in SVG Image Preview\n\nIncomplete Handling in Account Deletion\n\nInsufficient Rate Limiting at Re-Sending Confirmation Email\n\nImproper Type Check in GraphQL\n\nTo-dos Are Not Redacted When Membership Changes\n\nGuest users can modify confidentiality attribute\n\nCommand injection on runner host\n\nInsecure Runner Configuration in Kubernetes Environments", "published": "2020-10-05T00:00:00", "modified": "2020-11-06T00:00:00", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/141148", "reporter": "This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13333", "http://www.nessus.org/u?e37a3925", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13335", "http://www.nessus.org/u?af908d2e", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13332", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13327", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13334"], "cvelist": ["CVE-2020-13327", "CVE-2020-13332", "CVE-2020-13333", "CVE-2020-13334", "CVE-2020-13335"], "immutableFields": [], "lastseen": "2021-08-19T12:12:47", "history": [{"bulletin": {"id": "FREEBSD_PKG_A3495E61047F11EB86EA001B217B3468.NASL", "hash": "708bf14e66567f6998fe9eb533352628936a6ed573cb2f7323791d0cac72068a", "type": "nessus", "bulletinFamily": "scanner", "title": "FreeBSD : Gitlab -- multiple vulnerabilities (a3495e61-047f-11eb-86ea-001b217b3468)", "description": "Gitlab reports :\n\nPotential Denial Of Service Via Update Release Links API\n\nInsecure Storage of Session Key In Redis\n\nImproper Access Expiration Date Validation\n\nCross-Site Scripting in Multiple Pages\n\nUnauthorized Users Can View Custom Project Template\n\nCross-Site Scripting in SVG Image Preview\n\nIncomplete Handling in Account Deletion\n\nInsufficient Rate Limiting at Re-Sending Confirmation Email\n\nImproper Type Check in GraphQL\n\nTo-dos Are Not Redacted When Membership Changes\n\nGuest users can modify confidentiality attribute\n\nCommand injection on runner host\n\nInsecure Runner Configuration in Kubernetes Environments", "published": "2020-10-05T00:00:00", "modified": "2020-10-05T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/141148", "reporter": "This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?af908d2e", "http://www.nessus.org/u?e37a3925"], "cvelist": ["CVE-2020-13333", "CVE-2020-13334", "CVE-2020-13327", "CVE-2020-13332", "CVE-2020-13335"], "immutableFields": [], "lastseen": "2020-10-06T06:32:10", "history": [], "viewCount": 25, "enchantments": {"dependencies": {"modified": "2020-10-06T06:32:10", "references": [{"idList": ["A3495E61-047F-11EB-86EA-001B217B3468"], "type": "freebsd"}, {"idList": ["CVE-2020-13333", "CVE-2020-13334", "CVE-2020-13332", "CVE-2020-13335"], "type": "cve"}], "rev": 2}, "score": {"modified": "2020-10-06T06:32:10", "rev": 2, "value": 4.3, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "141148", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(141148);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/05\");\n\n script_cve_id(\"CVE-2020-13327\", \"CVE-2020-13332\", \"CVE-2020-13333\", \"CVE-2020-13334\", \"CVE-2020-13335\");\n\n script_name(english:\"FreeBSD : Gitlab -- multiple vulnerabilities (a3495e61-047f-11eb-86ea-001b217b3468)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Gitlab reports :\n\nPotential Denial Of Service Via Update Release Links API\n\nInsecure Storage of Session Key In Redis\n\nImproper Access Expiration Date Validation\n\nCross-Site Scripting in Multiple Pages\n\nUnauthorized Users Can View Custom Project Template\n\nCross-Site Scripting in SVG Image Preview\n\nIncomplete Handling in Account Deletion\n\nInsufficient Rate Limiting at Re-Sending Confirmation Email\n\nImproper Type Check in GraphQL\n\nTo-dos Are Not Redacted When Membership Changes\n\nGuest users can modify confidentiality attribute\n\nCommand injection on runner host\n\nInsecure Runner Configuration in Kubernetes Environments\"\n );\n # https://about.gitlab.com/releases/2020/10/01/security-release-13-4-2-release/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?af908d2e\"\n );\n # https://vuxml.freebsd.org/freebsd/a3495e61-047f-11eb-86ea-001b217b3468.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e37a3925\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:gitlab-ce\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=13.4.0<13.4.2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=13.3.0<13.3.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=7.12<13.2.10\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "FreeBSD Local Security Checks", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:gitlab-ce"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2020-10-06T06:32:10", "differentElements": ["cvss"], "edition": 1}, {"bulletin": {"id": "FREEBSD_PKG_A3495E61047F11EB86EA001B217B3468.NASL", "hash": "4a9df39caf9368565b12a907c7369447bcd6265dc011439765cea5ca8ba11639", "type": "nessus", "bulletinFamily": "scanner", "title": "FreeBSD : Gitlab -- multiple vulnerabilities (a3495e61-047f-11eb-86ea-001b217b3468)", "description": "Gitlab reports :\n\nPotential Denial Of Service Via Update Release Links API\n\nInsecure Storage of Session Key In Redis\n\nImproper Access Expiration Date Validation\n\nCross-Site Scripting in Multiple Pages\n\nUnauthorized Users Can View Custom Project Template\n\nCross-Site Scripting in SVG Image Preview\n\nIncomplete Handling in Account Deletion\n\nInsufficient Rate Limiting at Re-Sending Confirmation Email\n\nImproper Type Check in GraphQL\n\nTo-dos Are Not Redacted When Membership Changes\n\nGuest users can modify confidentiality attribute\n\nCommand injection on runner host\n\nInsecure Runner Configuration in Kubernetes Environments", "published": "2020-10-05T00:00:00", "modified": "2020-10-05T00:00:00", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/141148", "reporter": "This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?af908d2e", "http://www.nessus.org/u?e37a3925"], "cvelist": ["CVE-2020-13333", "CVE-2020-13334", "CVE-2020-13327", "CVE-2020-13332", "CVE-2020-13335"], "immutableFields": [], "lastseen": "2020-10-14T14:35:48", "history": [], "viewCount": 26, "enchantments": {"dependencies": {"modified": "2020-10-14T14:35:48", "references": [{"idList": ["A3495E61-047F-11EB-86EA-001B217B3468"], "type": "freebsd"}, {"idList": ["CVE-2020-13333", "CVE-2020-13334", "CVE-2020-13332", "CVE-2020-13335"], "type": "cve"}], "rev": 2}, "score": {"modified": "2020-10-14T14:35:48", "rev": 2, "value": 4.3, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "141148", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(141148);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/05\");\n\n script_cve_id(\"CVE-2020-13327\", \"CVE-2020-13332\", \"CVE-2020-13333\", \"CVE-2020-13334\", \"CVE-2020-13335\");\n\n script_name(english:\"FreeBSD : Gitlab -- multiple vulnerabilities (a3495e61-047f-11eb-86ea-001b217b3468)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Gitlab reports :\n\nPotential Denial Of Service Via Update Release Links API\n\nInsecure Storage of Session Key In Redis\n\nImproper Access Expiration Date Validation\n\nCross-Site Scripting in Multiple Pages\n\nUnauthorized Users Can View Custom Project Template\n\nCross-Site Scripting in SVG Image Preview\n\nIncomplete Handling in Account Deletion\n\nInsufficient Rate Limiting at Re-Sending Confirmation Email\n\nImproper Type Check in GraphQL\n\nTo-dos Are Not Redacted When Membership Changes\n\nGuest users can modify confidentiality attribute\n\nCommand injection on runner host\n\nInsecure Runner Configuration in Kubernetes Environments\"\n );\n # https://about.gitlab.com/releases/2020/10/01/security-release-13-4-2-release/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?af908d2e\"\n );\n # https://vuxml.freebsd.org/freebsd/a3495e61-047f-11eb-86ea-001b217b3468.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e37a3925\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:gitlab-ce\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=13.4.0<13.4.2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=13.3.0<13.3.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=7.12<13.2.10\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "FreeBSD Local Security Checks", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:gitlab-ce"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2020-10-14T14:35:48", "differentElements": ["cvss", "cvss3", "sourceData"], "edition": 2}, {"bulletin": {"id": "FREEBSD_PKG_A3495E61047F11EB86EA001B217B3468.NASL", "hash": "bfd67b802930d784f4a05b5ebd77bbe5770dddc8b620d670e9dfdfc6049b270e", "type": "nessus", "bulletinFamily": "scanner", "title": "FreeBSD : Gitlab -- multiple vulnerabilities (a3495e61-047f-11eb-86ea-001b217b3468)", "description": "Gitlab reports :\n\nPotential Denial Of Service Via Update Release Links API\n\nInsecure Storage of Session Key In Redis\n\nImproper Access Expiration Date Validation\n\nCross-Site Scripting in Multiple Pages\n\nUnauthorized Users Can View Custom Project Template\n\nCross-Site Scripting in SVG Image Preview\n\nIncomplete Handling in Account Deletion\n\nInsufficient Rate Limiting at Re-Sending Confirmation Email\n\nImproper Type Check in GraphQL\n\nTo-dos Are Not Redacted When Membership Changes\n\nGuest users can modify confidentiality attribute\n\nCommand injection on runner host\n\nInsecure Runner Configuration in Kubernetes Environments", "published": "2020-10-05T00:00:00", "modified": "2020-10-05T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cvss2": {}, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "href": "https://www.tenable.com/plugins/nessus/141148", "reporter": "This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?af908d2e", "http://www.nessus.org/u?e37a3925"], "cvelist": ["CVE-2020-13333", "CVE-2020-13334", "CVE-2020-13327", "CVE-2020-13332", "CVE-2020-13335"], "immutableFields": [], "lastseen": "2020-10-17T06:29:19", "history": [], "viewCount": 27, "enchantments": {"dependencies": {"modified": "2020-10-17T06:29:19", "references": [{"idList": ["A3495E61-047F-11EB-86EA-001B217B3468"], "type": "freebsd"}, {"idList": ["CVE-2020-13333", "CVE-2020-13334", "CVE-2020-13332", "CVE-2020-13335"], "type": "cve"}], "rev": 2}, "score": {"modified": "2020-10-17T06:29:19", "rev": 2, "value": 5.1, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "141148", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(141148);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/16\");\n\n script_cve_id(\"CVE-2020-13327\", \"CVE-2020-13332\", \"CVE-2020-13333\", \"CVE-2020-13334\", \"CVE-2020-13335\");\n\n script_name(english:\"FreeBSD : Gitlab -- multiple vulnerabilities (a3495e61-047f-11eb-86ea-001b217b3468)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Gitlab reports :\n\nPotential Denial Of Service Via Update Release Links API\n\nInsecure Storage of Session Key In Redis\n\nImproper Access Expiration Date Validation\n\nCross-Site Scripting in Multiple Pages\n\nUnauthorized Users Can View Custom Project Template\n\nCross-Site Scripting in SVG Image Preview\n\nIncomplete Handling in Account Deletion\n\nInsufficient Rate Limiting at Re-Sending Confirmation Email\n\nImproper Type Check in GraphQL\n\nTo-dos Are Not Redacted When Membership Changes\n\nGuest users can modify confidentiality attribute\n\nCommand injection on runner host\n\nInsecure Runner Configuration in Kubernetes Environments\"\n );\n # https://about.gitlab.com/releases/2020/10/01/security-release-13-4-2-release/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?af908d2e\"\n );\n # https://vuxml.freebsd.org/freebsd/a3495e61-047f-11eb-86ea-001b217b3468.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e37a3925\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:gitlab-ce\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=13.4.0<13.4.2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=13.3.0<13.3.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=7.12<13.2.10\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "FreeBSD Local Security Checks", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:gitlab-ce"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2020-10-17T06:29:19", "differentElements": ["sourceData"], "edition": 3}, {"bulletin": {"id": "FREEBSD_PKG_A3495E61047F11EB86EA001B217B3468.NASL", "hash": "25beb886f6901e6f236641e6fe4d183291d7c9ba21f2a36efc8d1486659259c7", "type": "nessus", "bulletinFamily": "scanner", "title": "FreeBSD : Gitlab -- multiple vulnerabilities (a3495e61-047f-11eb-86ea-001b217b3468)", "description": "Gitlab reports :\n\nPotential Denial Of Service Via Update Release Links API\n\nInsecure Storage of Session Key In Redis\n\nImproper Access Expiration Date Validation\n\nCross-Site Scripting in Multiple Pages\n\nUnauthorized Users Can View Custom Project Template\n\nCross-Site Scripting in SVG Image Preview\n\nIncomplete Handling in Account Deletion\n\nInsufficient Rate Limiting at Re-Sending Confirmation Email\n\nImproper Type Check in GraphQL\n\nTo-dos Are Not Redacted When Membership Changes\n\nGuest users can modify confidentiality attribute\n\nCommand injection on runner host\n\nInsecure Runner Configuration in Kubernetes Environments", "published": "2020-10-05T00:00:00", "modified": "2020-10-05T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "cvss2": {}, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}, "href": "https://www.tenable.com/plugins/nessus/141148", "reporter": "This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?af908d2e", "http://www.nessus.org/u?e37a3925"], "cvelist": ["CVE-2020-13333", "CVE-2020-13334", "CVE-2020-13327", "CVE-2020-13332", "CVE-2020-13335"], "immutableFields": [], "lastseen": "2020-10-20T22:26:51", "history": [], "viewCount": 28, "enchantments": {"dependencies": {"modified": "2020-10-20T22:26:51", "references": [{"idList": ["A3495E61-047F-11EB-86EA-001B217B3468"], "type": "freebsd"}, {"idList": ["CVE-2020-13333", "CVE-2020-13334", "CVE-2020-13327", "CVE-2020-13332", "CVE-2020-13335"], "type": "cve"}], "rev": 2}, "score": {"modified": "2020-10-20T22:26:51", "rev": 2, "value": 5.2, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "141148", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(141148);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/20\");\n\n script_cve_id(\"CVE-2020-13327\", \"CVE-2020-13332\", \"CVE-2020-13333\", \"CVE-2020-13334\", \"CVE-2020-13335\");\n\n script_name(english:\"FreeBSD : Gitlab -- multiple vulnerabilities (a3495e61-047f-11eb-86ea-001b217b3468)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Gitlab reports :\n\nPotential Denial Of Service Via Update Release Links API\n\nInsecure Storage of Session Key In Redis\n\nImproper Access Expiration Date Validation\n\nCross-Site Scripting in Multiple Pages\n\nUnauthorized Users Can View Custom Project Template\n\nCross-Site Scripting in SVG Image Preview\n\nIncomplete Handling in Account Deletion\n\nInsufficient Rate Limiting at Re-Sending Confirmation Email\n\nImproper Type Check in GraphQL\n\nTo-dos Are Not Redacted When Membership Changes\n\nGuest users can modify confidentiality attribute\n\nCommand injection on runner host\n\nInsecure Runner Configuration in Kubernetes Environments\"\n );\n # https://about.gitlab.com/releases/2020/10/01/security-release-13-4-2-release/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?af908d2e\"\n );\n # https://vuxml.freebsd.org/freebsd/a3495e61-047f-11eb-86ea-001b217b3468.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e37a3925\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:gitlab-ce\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=13.4.0<13.4.2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=13.3.0<13.3.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=7.12<13.2.10\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "FreeBSD Local Security Checks", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:gitlab-ce"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2020-10-20T22:26:51", "differentElements": ["cvss", "cvss3", "sourceData"], "edition": 4}, {"bulletin": {"id": "FREEBSD_PKG_A3495E61047F11EB86EA001B217B3468.NASL", "hash": "2f144be15e7cca6852aaa536d83444d42743150a5693774fe41e36cef04c85eb", "type": "nessus", "bulletinFamily": "scanner", "title": "FreeBSD : Gitlab -- multiple vulnerabilities (a3495e61-047f-11eb-86ea-001b217b3468)", "description": "Gitlab reports :\n\nPotential Denial Of Service Via Update Release Links API\n\nInsecure Storage of Session Key In Redis\n\nImproper Access Expiration Date Validation\n\nCross-Site Scripting in Multiple Pages\n\nUnauthorized Users Can View Custom Project Template\n\nCross-Site Scripting in SVG Image Preview\n\nIncomplete Handling in Account Deletion\n\nInsufficient Rate Limiting at Re-Sending Confirmation Email\n\nImproper Type Check in GraphQL\n\nTo-dos Are Not Redacted When Membership Changes\n\nGuest users can modify confidentiality attribute\n\nCommand injection on runner host\n\nInsecure Runner Configuration in Kubernetes Environments", "published": "2020-10-05T00:00:00", "modified": "2020-10-05T00:00:00", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.5, "vector": "AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/141148", "reporter": "This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?af908d2e", "http://www.nessus.org/u?e37a3925"], "cvelist": ["CVE-2020-13333", "CVE-2020-13334", "CVE-2020-13327", "CVE-2020-13332", "CVE-2020-13335"], "immutableFields": [], "lastseen": "2020-11-07T06:33:39", "history": [], "viewCount": 34, "enchantments": {"dependencies": {"modified": "2020-11-07T06:33:39", "references": [{"idList": ["UB:CVE-2020-13335", "UB:CVE-2020-13334", "UB:CVE-2020-13333", "UB:CVE-2020-13327"], "type": "ubuntucve"}, {"idList": ["A3495E61-047F-11EB-86EA-001B217B3468"], "type": "freebsd"}, {"idList": ["CVE-2020-13333", "CVE-2020-13334", "CVE-2020-13327", "CVE-2020-13332", "CVE-2020-13335"], "type": "cve"}], "rev": 2}, "score": {"modified": "2020-11-07T06:33:39", "rev": 2, "value": 5.2, "vector": "NONE"}}, "objectVersion": "1.6", "pluginID": "141148", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(141148);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/06\");\n\n script_cve_id(\"CVE-2020-13327\", \"CVE-2020-13332\", \"CVE-2020-13333\", \"CVE-2020-13334\", \"CVE-2020-13335\");\n\n script_name(english:\"FreeBSD : Gitlab -- multiple vulnerabilities (a3495e61-047f-11eb-86ea-001b217b3468)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Gitlab reports :\n\nPotential Denial Of Service Via Update Release Links API\n\nInsecure Storage of Session Key In Redis\n\nImproper Access Expiration Date Validation\n\nCross-Site Scripting in Multiple Pages\n\nUnauthorized Users Can View Custom Project Template\n\nCross-Site Scripting in SVG Image Preview\n\nIncomplete Handling in Account Deletion\n\nInsufficient Rate Limiting at Re-Sending Confirmation Email\n\nImproper Type Check in GraphQL\n\nTo-dos Are Not Redacted When Membership Changes\n\nGuest users can modify confidentiality attribute\n\nCommand injection on runner host\n\nInsecure Runner Configuration in Kubernetes Environments\"\n );\n # https://about.gitlab.com/releases/2020/10/01/security-release-13-4-2-release/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?af908d2e\"\n );\n # https://vuxml.freebsd.org/freebsd/a3495e61-047f-11eb-86ea-001b217b3468.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e37a3925\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13327\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:gitlab-ce\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=13.4.0<13.4.2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=13.3.0<13.3.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=7.12<13.2.10\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "FreeBSD Local Security Checks", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:gitlab-ce"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2020-11-07T06:33:39", "differentElements": ["cvss2", "cvss3"], "edition": 5}, {"bulletin": {"id": "FREEBSD_PKG_A3495E61047F11EB86EA001B217B3468.NASL", "hash": "e2f285caa3e93f46ec6e1c5a45b382b7", "type": "nessus", "bulletinFamily": "scanner", "title": "FreeBSD : Gitlab -- multiple vulnerabilities (a3495e61-047f-11eb-86ea-001b217b3468)", "description": "Gitlab reports :\n\nPotential Denial Of Service Via Update Release Links API\n\nInsecure Storage of Session Key In Redis\n\nImproper Access Expiration Date Validation\n\nCross-Site Scripting in Multiple Pages\n\nUnauthorized Users Can View Custom Project Template\n\nCross-Site Scripting in SVG Image Preview\n\nIncomplete Handling in Account Deletion\n\nInsufficient Rate Limiting at Re-Sending Confirmation Email\n\nImproper Type Check in GraphQL\n\nTo-dos Are Not Redacted When Membership Changes\n\nGuest users can modify confidentiality attribute\n\nCommand injection on runner host\n\nInsecure Runner Configuration in Kubernetes Environments", "published": "2020-10-05T00:00:00", "modified": "2020-10-05T00:00:00", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 5.9}, "href": "https://www.tenable.com/plugins/nessus/141148", "reporter": "This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://www.nessus.org/u?af908d2e", "http://www.nessus.org/u?e37a3925"], "cvelist": ["CVE-2020-13333", "CVE-2020-13334", "CVE-2020-13327", "CVE-2020-13332", "CVE-2020-13335"], "immutableFields": [], "lastseen": "2021-07-29T00:14:19", "history": [], "viewCount": 35, "enchantments": {"dependencies": {"references": [{"type": "freebsd", "idList": ["A3495E61-047F-11EB-86EA-001B217B3468"]}, {"type": "cve", "idList": ["CVE-2020-13335", "CVE-2020-13334", "CVE-2020-13332", "CVE-2020-13327", "CVE-2020-13333"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-13334", "UB:CVE-2020-13335", "UB:CVE-2020-13327", "UB:CVE-2020-13333"]}], "modified": "2021-07-29T00:14:19", "rev": 2}, "score": {"value": 5.2, "vector": "NONE", "modified": "2021-07-29T00:14:19", "rev": 2}}, "objectVersion": "1.6", "pluginID": "141148", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(141148);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/06\");\n\n script_cve_id(\"CVE-2020-13327\", \"CVE-2020-13332\", \"CVE-2020-13333\", \"CVE-2020-13334\", \"CVE-2020-13335\");\n\n script_name(english:\"FreeBSD : Gitlab -- multiple vulnerabilities (a3495e61-047f-11eb-86ea-001b217b3468)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Gitlab reports :\n\nPotential Denial Of Service Via Update Release Links API\n\nInsecure Storage of Session Key In Redis\n\nImproper Access Expiration Date Validation\n\nCross-Site Scripting in Multiple Pages\n\nUnauthorized Users Can View Custom Project Template\n\nCross-Site Scripting in SVG Image Preview\n\nIncomplete Handling in Account Deletion\n\nInsufficient Rate Limiting at Re-Sending Confirmation Email\n\nImproper Type Check in GraphQL\n\nTo-dos Are Not Redacted When Membership Changes\n\nGuest users can modify confidentiality attribute\n\nCommand injection on runner host\n\nInsecure Runner Configuration in Kubernetes Environments\"\n );\n # https://about.gitlab.com/releases/2020/10/01/security-release-13-4-2-release/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?af908d2e\"\n );\n # https://vuxml.freebsd.org/freebsd/a3495e61-047f-11eb-86ea-001b217b3468.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e37a3925\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13327\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:gitlab-ce\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=13.4.0<13.4.2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=13.3.0<13.3.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=7.12<13.2.10\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "FreeBSD Local Security Checks", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:gitlab-ce"], "solution": "", "nessusSeverity": "", "cvssScoreSource": "", "vpr": {}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": null, "vulnerabilityPublicationDate": null, "exploitableWith": []}, "lastseen": "2021-07-29T00:14:19", "differentElements": ["cpe", "cvss2", "cvss3", "cvssScoreSource", "exploitEase", "modified", "patchPublicationDate", "references", "solution", "vpr", "vulnerabilityPublicationDate"], "edition": 6}, {"bulletin": {"id": "FREEBSD_PKG_A3495E61047F11EB86EA001B217B3468.NASL", "hash": "883c3b47afe6d27bbf4004e996008896", "type": "nessus", "bulletinFamily": "scanner", "title": "FreeBSD : Gitlab -- multiple vulnerabilities (a3495e61-047f-11eb-86ea-001b217b3468)", "description": "Gitlab reports :\n\nPotential Denial Of Service Via Update Release Links API\n\nInsecure Storage of Session Key In Redis\n\nImproper Access Expiration Date Validation\n\nCross-Site Scripting in Multiple Pages\n\nUnauthorized Users Can View Custom Project Template\n\nCross-Site Scripting in SVG Image Preview\n\nIncomplete Handling in Account Deletion\n\nInsufficient Rate Limiting at Re-Sending Confirmation Email\n\nImproper Type Check in GraphQL\n\nTo-dos Are Not Redacted When Membership Changes\n\nGuest users can modify confidentiality attribute\n\nCommand injection on runner host\n\nInsecure Runner Configuration in Kubernetes Environments", "published": "2020-10-05T00:00:00", "modified": "2020-11-06T00:00:00", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/141148", "reporter": "This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13327", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13334", "http://www.nessus.org/u?e37a3925", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13332", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13335", "http://www.nessus.org/u?af908d2e", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13333"], "cvelist": ["CVE-2020-13327", "CVE-2020-13332", "CVE-2020-13333", "CVE-2020-13334", "CVE-2020-13335"], "immutableFields": [], "lastseen": "2021-08-05T12:58:15", "history": [], "viewCount": 35, "enchantments": {"dependencies": {"references": [{"type": "freebsd", "idList": ["A3495E61-047F-11EB-86EA-001B217B3468"]}, {"type": "cve", "idList": ["CVE-2020-13333", "CVE-2020-13334", "CVE-2020-13335", "CVE-2020-13327", "CVE-2020-13332"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-13327", "UB:CVE-2020-13334", "UB:CVE-2020-13333", "UB:CVE-2020-13335"]}], "modified": "2021-08-05T12:58:15", "rev": 2}, "score": {"value": 5.2, "vector": "NONE", "modified": "2021-08-05T12:58:15", "rev": 2}}, "objectVersion": "1.6", "pluginID": "141148", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(141148);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/06\");\n\n script_cve_id(\"CVE-2020-13327\", \"CVE-2020-13332\", \"CVE-2020-13333\", \"CVE-2020-13334\", \"CVE-2020-13335\");\n\n script_name(english:\"FreeBSD : Gitlab -- multiple vulnerabilities (a3495e61-047f-11eb-86ea-001b217b3468)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Gitlab reports :\n\nPotential Denial Of Service Via Update Release Links API\n\nInsecure Storage of Session Key In Redis\n\nImproper Access Expiration Date Validation\n\nCross-Site Scripting in Multiple Pages\n\nUnauthorized Users Can View Custom Project Template\n\nCross-Site Scripting in SVG Image Preview\n\nIncomplete Handling in Account Deletion\n\nInsufficient Rate Limiting at Re-Sending Confirmation Email\n\nImproper Type Check in GraphQL\n\nTo-dos Are Not Redacted When Membership Changes\n\nGuest users can modify confidentiality attribute\n\nCommand injection on runner host\n\nInsecure Runner Configuration in Kubernetes Environments\"\n );\n # https://about.gitlab.com/releases/2020/10/01/security-release-13-4-2-release/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?af908d2e\"\n );\n # https://vuxml.freebsd.org/freebsd/a3495e61-047f-11eb-86ea-001b217b3468.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e37a3925\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13327\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:gitlab-ce\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=13.4.0<13.4.2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=13.3.0<13.3.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=7.12<13.2.10\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "FreeBSD Local Security Checks", "cpe": [], "solution": "Update the affected packages.", "nessusSeverity": "", "cvssScoreSource": "CVE-2020-13327", "vpr": {"risk factor": "Medium", "score": "5.9"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2020-10-02T00:00:00", "vulnerabilityPublicationDate": "2020-10-01T00:00:00", "exploitableWith": []}, "lastseen": "2021-08-05T12:58:15", "differentElements": ["cpe"], "edition": 7}, {"bulletin": {"id": "FREEBSD_PKG_A3495E61047F11EB86EA001B217B3468.NASL", "hash": "47f8d50f44177acc4b99fca49c3fb1d2", "type": "nessus", "bulletinFamily": "scanner", "title": "FreeBSD : Gitlab -- multiple vulnerabilities (a3495e61-047f-11eb-86ea-001b217b3468)", "description": "Gitlab reports :\n\nPotential Denial Of Service Via Update Release Links API\n\nInsecure Storage of Session Key In Redis\n\nImproper Access Expiration Date Validation\n\nCross-Site Scripting in Multiple Pages\n\nUnauthorized Users Can View Custom Project Template\n\nCross-Site Scripting in SVG Image Preview\n\nIncomplete Handling in Account Deletion\n\nInsufficient Rate Limiting at Re-Sending Confirmation Email\n\nImproper Type Check in GraphQL\n\nTo-dos Are Not Redacted When Membership Changes\n\nGuest users can modify confidentiality attribute\n\nCommand injection on runner host\n\nInsecure Runner Configuration in Kubernetes Environments", "published": "2020-10-05T00:00:00", "modified": "2020-11-06T00:00:00", "cvss": {"score": 6, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "href": "https://www.tenable.com/plugins/nessus/141148", "reporter": "This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13335", "http://www.nessus.org/u?e37a3925", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13333", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13327", "http://www.nessus.org/u?af908d2e", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13334", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13332"], "cvelist": ["CVE-2020-13327", "CVE-2020-13332", "CVE-2020-13333", "CVE-2020-13334", "CVE-2020-13335"], "immutableFields": [], "lastseen": "2021-08-06T13:34:06", "history": [], "viewCount": 35, "enchantments": {"dependencies": {"references": [{"type": "freebsd", "idList": ["A3495E61-047F-11EB-86EA-001B217B3468"]}, {"type": "cve", "idList": ["CVE-2020-13334", "CVE-2020-13332", "CVE-2020-13327", "CVE-2020-13333", "CVE-2020-13335"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-13327", "UB:CVE-2020-13335", "UB:CVE-2020-13334", "UB:CVE-2020-13333"]}], "modified": "2021-08-06T13:34:06", "rev": 2}, "score": {"value": 5.2, "vector": "NONE", "modified": "2021-08-06T13:34:06", "rev": 2}}, "objectVersion": "1.6", "pluginID": "141148", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(141148);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/06\");\n\n script_cve_id(\"CVE-2020-13327\", \"CVE-2020-13332\", \"CVE-2020-13333\", \"CVE-2020-13334\", \"CVE-2020-13335\");\n\n script_name(english:\"FreeBSD : Gitlab -- multiple vulnerabilities (a3495e61-047f-11eb-86ea-001b217b3468)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Gitlab reports :\n\nPotential Denial Of Service Via Update Release Links API\n\nInsecure Storage of Session Key In Redis\n\nImproper Access Expiration Date Validation\n\nCross-Site Scripting in Multiple Pages\n\nUnauthorized Users Can View Custom Project Template\n\nCross-Site Scripting in SVG Image Preview\n\nIncomplete Handling in Account Deletion\n\nInsufficient Rate Limiting at Re-Sending Confirmation Email\n\nImproper Type Check in GraphQL\n\nTo-dos Are Not Redacted When Membership Changes\n\nGuest users can modify confidentiality attribute\n\nCommand injection on runner host\n\nInsecure Runner Configuration in Kubernetes Environments\"\n );\n # https://about.gitlab.com/releases/2020/10/01/security-release-13-4-2-release/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?af908d2e\"\n );\n # https://vuxml.freebsd.org/freebsd/a3495e61-047f-11eb-86ea-001b217b3468.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e37a3925\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13327\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:gitlab-ce\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=13.4.0<13.4.2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=13.3.0<13.3.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=7.12<13.2.10\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "FreeBSD Local Security Checks", "cpe": ["p-cpe:/a:freebsd:freebsd:gitlab-ce", "cpe:/o:freebsd:freebsd"], "solution": "Update the affected packages.", "nessusSeverity": "", "cvssScoreSource": "CVE-2020-13327", "vpr": {"risk factor": "Medium", "score": "5.9"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2020-10-02T00:00:00", "vulnerabilityPublicationDate": "2020-10-01T00:00:00", "exploitableWith": []}, "lastseen": "2021-08-06T13:34:06", "differentElements": ["nessusSeverity"], "edition": 8}], "viewCount": 36, "enchantments": {"dependencies": {"references": [{"type": "freebsd", "idList": ["A3495E61-047F-11EB-86EA-001B217B3468"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-13327", "UB:CVE-2020-13335", "UB:CVE-2020-13333", "UB:CVE-2020-13334"]}, {"type": "cve", "idList": ["CVE-2020-13335", "CVE-2020-13334", "CVE-2020-13333", "CVE-2020-13327", "CVE-2020-13332"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-13334", "DEBIANCVE:CVE-2020-13335", "DEBIANCVE:CVE-2020-13327", "DEBIANCVE:CVE-2020-13333"]}], "modified": "2021-08-19T12:12:47", "rev": 2}, "score": {"value": 5.2, "vector": "NONE", "modified": "2021-08-19T12:12:47", "rev": 2}}, "objectVersion": "1.6", "pluginID": "141148", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(141148);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/06\");\n\n script_cve_id(\"CVE-2020-13327\", \"CVE-2020-13332\", \"CVE-2020-13333\", \"CVE-2020-13334\", \"CVE-2020-13335\");\n\n script_name(english:\"FreeBSD : Gitlab -- multiple vulnerabilities (a3495e61-047f-11eb-86ea-001b217b3468)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Gitlab reports :\n\nPotential Denial Of Service Via Update Release Links API\n\nInsecure Storage of Session Key In Redis\n\nImproper Access Expiration Date Validation\n\nCross-Site Scripting in Multiple Pages\n\nUnauthorized Users Can View Custom Project Template\n\nCross-Site Scripting in SVG Image Preview\n\nIncomplete Handling in Account Deletion\n\nInsufficient Rate Limiting at Re-Sending Confirmation Email\n\nImproper Type Check in GraphQL\n\nTo-dos Are Not Redacted When Membership Changes\n\nGuest users can modify confidentiality attribute\n\nCommand injection on runner host\n\nInsecure Runner Configuration in Kubernetes Environments\"\n );\n # https://about.gitlab.com/releases/2020/10/01/security-release-13-4-2-release/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?af908d2e\"\n );\n # https://vuxml.freebsd.org/freebsd/a3495e61-047f-11eb-86ea-001b217b3468.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e37a3925\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-13327\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:gitlab-ce\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/10/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=13.4.0<13.4.2\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=13.3.0<13.3.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"gitlab-ce>=7.12<13.2.10\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "FreeBSD Local Security Checks", "cpe": ["p-cpe:/a:freebsd:freebsd:gitlab-ce", "cpe:/o:freebsd:freebsd"], "solution": "Update the affected packages.", "nessusSeverity": "Medium", "cvssScoreSource": "CVE-2020-13327", "vpr": {"risk factor": "Medium", "score": "5.9"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2020-10-02T00:00:00", "vulnerabilityPublicationDate": "2020-10-01T00:00:00", "exploitableWith": [], "_object_type": "robots.models.nessus.NessusBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.nessus.NessusBulletin"]}], "freebsd": [{"id": "A3495E61-047F-11EB-86EA-001B217B3468", "bulletinFamily": "unix", "title": "Gitlab -- multiple vulnerabilities", "description": "\nGitlab reports:\n\nPotential Denial Of Service Via Update Release Links API\nInsecure Storage of Session Key In Redis\nImproper Access Expiration Date Validation\nCross-Site Scripting in Multiple Pages\nUnauthorized Users Can View Custom Project Template\nCross-Site Scripting in SVG Image Preview\nIncomplete Handling in Account Deletion\nInsufficient Rate Limiting at Re-Sending Confirmation Email\nImproper Type Check in GraphQL\nTo-dos Are Not Redacted When Membership Changes\nGuest users can modify confidentiality attribute\nCommand injection on runner host\nInsecure Runner Configuration in Kubernetes Environments\n\n", "published": "2020-10-01T00:00:00", "modified": "2020-10-01T00:00:00", "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}, "href": "https://vuxml.freebsd.org/freebsd/a3495e61-047f-11eb-86ea-001b217b3468.html", "reporter": "FreeBSD", "references": ["https://about.gitlab.com/releases/2020/10/01/security-release-13-4-2-release/"], "cvelist": ["CVE-2020-13333", "CVE-2020-13334", "CVE-2020-13327", "CVE-2020-13332", "CVE-2020-13335"], "type": "freebsd", "lastseen": "2021-07-28T14:32:44", "history": [{"bulletin": {"affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "eq", "packageFilename": "UNKNOWN", "packageName": "gitlab-ce", "packageVersion": "13.4.0"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "gitlab-ce", "packageVersion": "13.4.2"}], "bulletinFamily": "unix", "cvelist": ["CVE-2020-13333", "CVE-2020-13334", "CVE-2020-13327", "CVE-2020-13332", "CVE-2020-13335"], "cvss": {"score": 6.0, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {}, "description": "\nGitlab reports:\n\nPotential Denial Of Service Via Update Release Links API\nInsecure Storage of Session Key In Redis\nImproper Access Expiration Date Validation\nCross-Site Scripting in Multiple Pages\nUnauthorized Users Can View Custom Project Template\nCross-Site Scripting in SVG Image Preview\nIncomplete Handling in Account Deletion\nInsufficient Rate Limiting at Re-Sending Confirmation Email\nImproper Type Check in GraphQL\nTo-dos Are Not Redacted When Membership Changes\nGuest users can modify confidentiality attribute\nCommand injection on runner host\nInsecure Runner Configuration in Kubernetes Environments\n\n", "edition": 4, "enchantments": {"dependencies": {"modified": "2020-11-03T13:16:53", "references": [{"idList": ["UB:CVE-2020-13335", "UB:CVE-2020-13334", "UB:CVE-2020-13333", "UB:CVE-2020-13327"], "type": "ubuntucve"}, {"idList": ["FREEBSD_PKG_A3495E61047F11EB86EA001B217B3468.NASL"], "type": "nessus"}, {"idList": ["CVE-2020-13333", "CVE-2020-13334", "CVE-2020-13327", "CVE-2020-13332", "CVE-2020-13335"], "type": "cve"}], "rev": 2}, "score": {"modified": "2020-11-03T13:16:53", "rev": 2, "value": 5.3, "vector": "NONE"}}, "hash": "465f68bc802470b9c7b1d5f3de3806201b2237a23d936297e804b79016c7e307", "hashmap": [{"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "immutableFields"}, {"hash": "e2030ad9ee2a3a63e0dc67dfe7db125a", "key": "references"}, {"hash": "1bbcc7f6761b1ec7cc6199edc64b4150", "key": "modified"}, {"hash": "d21ac811d9123f8b274b461d7e2281ad", "key": "cvss"}, {"hash": "a3dc630729e463135f4e608954fa6e19", "key": "reporter"}, {"hash": "ea75308e4a1ded5046c8d2618854a47d", "key": "description"}, {"hash": "aeefd78872aa2562c108fa508b008d96", "key": "affectedPackage"}, {"hash": "b6e05c73864e9bad54c1595978023fb8", "key": "href"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss2"}, {"hash": "1527e888767cdce15d200b870b39cfd0", "key": "type"}, {"hash": "dd5810c845ba09ba24f978e1da5a0768", "key": "title"}, {"hash": "1bbcc7f6761b1ec7cc6199edc64b4150", "key": "published"}, {"hash": "3b51390110b6833654e9e07a9db92ad2", "key": "cvelist"}], "history": [], "href": "https://vuxml.freebsd.org/freebsd/a3495e61-047f-11eb-86ea-001b217b3468.html", "id": "A3495E61-047F-11EB-86EA-001B217B3468", "immutableFields": [], "lastseen": "2020-11-03T13:16:53", "modified": "2020-10-01T00:00:00", "objectVersion": "1.5", "published": "2020-10-01T00:00:00", "references": ["https://about.gitlab.com/releases/2020/10/01/security-release-13-4-2-release/"], "reporter": "FreeBSD", "title": "Gitlab -- multiple vulnerabilities", "type": "freebsd", "viewCount": 29}, "different_elements": ["cvss3", "cvss2"], "edition": 4, "lastseen": "2020-11-03T13:16:53"}, {"bulletin": {"affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "eq", "packageFilename": "UNKNOWN", "packageName": "gitlab-ce", "packageVersion": "13.4.0"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "gitlab-ce", "packageVersion": "13.4.2"}], "bulletinFamily": "unix", "cvelist": ["CVE-2020-13333", "CVE-2020-13334", "CVE-2020-13327", "CVE-2020-13332", "CVE-2020-13335"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "\nGitlab reports:\n\nPotential Denial Of Service Via Update Release Links API\nInsecure Storage of Session Key In Redis\nImproper Access Expiration Date Validation\nCross-Site Scripting in Multiple Pages\nUnauthorized Users Can View Custom Project Template\nCross-Site Scripting in SVG Image Preview\nIncomplete Handling in Account Deletion\nInsufficient Rate Limiting at Re-Sending Confirmation Email\nImproper Type Check in GraphQL\nTo-dos Are Not Redacted When Membership Changes\nGuest users can modify confidentiality attribute\nCommand injection on runner host\nInsecure Runner Configuration in Kubernetes Environments\n\n", "edition": 1, "enchantments": {"dependencies": {"modified": "2020-10-02T10:42:35", "references": [{"idList": ["FREEBSD_PKG_A3495E61047F11EB86EA001B217B3468.NASL"], "type": "nessus"}, {"idList": ["CVE-2020-13333", "CVE-2020-13334", "CVE-2020-13332", "CVE-2020-13335"], "type": "cve"}], "rev": 2}, "score": {"modified": "2020-10-02T10:42:35", "rev": 2, "value": 5.3, "vector": "NONE"}}, "hash": "ce10c69e405bbdc8fb23796906b9de7925ce71b20fab7074d3fbbdbe8afae0a9", "hashmap": [{"hash": "e2030ad9ee2a3a63e0dc67dfe7db125a", "key": "references"}, {"hash": "1bbcc7f6761b1ec7cc6199edc64b4150", "key": "modified"}, {"hash": "a3dc630729e463135f4e608954fa6e19", "key": "reporter"}, {"hash": "ea75308e4a1ded5046c8d2618854a47d", "key": "description"}, {"hash": "aeefd78872aa2562c108fa508b008d96", "key": "affectedPackage"}, {"hash": "b6e05c73864e9bad54c1595978023fb8", "key": "href"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "1527e888767cdce15d200b870b39cfd0", "key": "type"}, {"hash": "dd5810c845ba09ba24f978e1da5a0768", "key": "title"}, {"hash": "1bbcc7f6761b1ec7cc6199edc64b4150", "key": "published"}, {"hash": "3b51390110b6833654e9e07a9db92ad2", "key": "cvelist"}], "history": [], "href": "https://vuxml.freebsd.org/freebsd/a3495e61-047f-11eb-86ea-001b217b3468.html", "id": "A3495E61-047F-11EB-86EA-001B217B3468", "lastseen": "2020-10-02T10:42:35", "modified": "2020-10-01T00:00:00", "objectVersion": "1.3", "published": "2020-10-01T00:00:00", "references": ["https://about.gitlab.com/releases/2020/10/01/security-release-13-4-2-release/"], "reporter": "FreeBSD", "title": "Gitlab -- multiple vulnerabilities", "type": "freebsd", "viewCount": 23}, "differentElements": ["cvss"], "edition": 1, "lastseen": "2020-10-02T10:42:35"}, {"bulletin": {"affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "eq", "packageFilename": "UNKNOWN", "packageName": "gitlab-ce", "packageVersion": "13.4.0"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "gitlab-ce", "packageVersion": "13.4.2"}], "bulletinFamily": "unix", "cvelist": ["CVE-2020-13333", "CVE-2020-13334", "CVE-2020-13327", "CVE-2020-13332", "CVE-2020-13335"], "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}, "description": "\nGitlab reports:\n\nPotential Denial Of Service Via Update Release Links API\nInsecure Storage of Session Key In Redis\nImproper Access Expiration Date Validation\nCross-Site Scripting in Multiple Pages\nUnauthorized Users Can View Custom Project Template\nCross-Site Scripting in SVG Image Preview\nIncomplete Handling in Account Deletion\nInsufficient Rate Limiting at Re-Sending Confirmation Email\nImproper Type Check in GraphQL\nTo-dos Are Not Redacted When Membership Changes\nGuest users can modify confidentiality attribute\nCommand injection on runner host\nInsecure Runner Configuration in Kubernetes Environments\n\n", "edition": 3, "enchantments": {"dependencies": {"modified": "2020-10-16T13:01:08", "references": [{"idList": ["FREEBSD_PKG_A3495E61047F11EB86EA001B217B3468.NASL"], "type": "nessus"}, {"idList": ["CVE-2020-13333", "CVE-2020-13334", "CVE-2020-13327", "CVE-2020-13332", "CVE-2020-13335"], "type": "cve"}], "rev": 2}, "score": {"modified": "2020-10-16T13:01:08", "rev": 2, "value": 5.3, "vector": "NONE"}}, "hash": "bc5165c978cc7d59c1a9a0379eb971f728e05977cd71c02c6d9202513d3d0818", "hashmap": [{"hash": "b5bbdd851ff7634dd01c09e00d03be1e", "key": "cvss"}, {"hash": "e2030ad9ee2a3a63e0dc67dfe7db125a", "key": "references"}, {"hash": "1bbcc7f6761b1ec7cc6199edc64b4150", "key": "modified"}, {"hash": "a3dc630729e463135f4e608954fa6e19", "key": "reporter"}, {"hash": "ea75308e4a1ded5046c8d2618854a47d", "key": "description"}, {"hash": "aeefd78872aa2562c108fa508b008d96", "key": "affectedPackage"}, {"hash": "b6e05c73864e9bad54c1595978023fb8", "key": "href"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "1527e888767cdce15d200b870b39cfd0", "key": "type"}, {"hash": "dd5810c845ba09ba24f978e1da5a0768", "key": "title"}, {"hash": "1bbcc7f6761b1ec7cc6199edc64b4150", "key": "published"}, {"hash": "3b51390110b6833654e9e07a9db92ad2", "key": "cvelist"}], "history": [], "href": "https://vuxml.freebsd.org/freebsd/a3495e61-047f-11eb-86ea-001b217b3468.html", "id": "A3495E61-047F-11EB-86EA-001B217B3468", "lastseen": "2020-10-16T13:01:08", "modified": "2020-10-01T00:00:00", "objectVersion": "1.3", "published": "2020-10-01T00:00:00", "references": ["https://about.gitlab.com/releases/2020/10/01/security-release-13-4-2-release/"], "reporter": "FreeBSD", "title": "Gitlab -- multiple vulnerabilities", "type": "freebsd", "viewCount": 25}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2020-10-16T13:01:08"}, {"bulletin": {"affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "eq", "packageFilename": "UNKNOWN", "packageName": "gitlab-ce", "packageVersion": "13.4.0"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "gitlab-ce", "packageVersion": "13.4.2"}], "bulletinFamily": "unix", "cvelist": ["CVE-2020-13333", "CVE-2020-13334", "CVE-2020-13327", "CVE-2020-13332", "CVE-2020-13335"], "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}, "description": "\nGitlab reports:\n\nPotential Denial Of Service Via Update Release Links API\nInsecure Storage of Session Key In Redis\nImproper Access Expiration Date Validation\nCross-Site Scripting in Multiple Pages\nUnauthorized Users Can View Custom Project Template\nCross-Site Scripting in SVG Image Preview\nIncomplete Handling in Account Deletion\nInsufficient Rate Limiting at Re-Sending Confirmation Email\nImproper Type Check in GraphQL\nTo-dos Are Not Redacted When Membership Changes\nGuest users can modify confidentiality attribute\nCommand injection on runner host\nInsecure Runner Configuration in Kubernetes Environments\n\n", "edition": 2, "enchantments": {"dependencies": {"modified": "2020-10-14T13:00:57", "references": [{"idList": ["FREEBSD_PKG_A3495E61047F11EB86EA001B217B3468.NASL"], "type": "nessus"}, {"idList": ["CVE-2020-13333", "CVE-2020-13334", "CVE-2020-13332", "CVE-2020-13335"], "type": "cve"}], "rev": 2}, "score": {"modified": "2020-10-14T13:00:57", "rev": 2, "value": 5.3, "vector": "NONE"}}, "hash": "a26e0f8ab22dcbb548fa8fbe03b00564332e40039912850d7747f28ac400b56d", "hashmap": [{"hash": "e2030ad9ee2a3a63e0dc67dfe7db125a", "key": "references"}, {"hash": "1bbcc7f6761b1ec7cc6199edc64b4150", "key": "modified"}, {"hash": "3a24dfd360218a9ca36afb3843751b95", "key": "cvss"}, {"hash": "a3dc630729e463135f4e608954fa6e19", "key": "reporter"}, {"hash": "ea75308e4a1ded5046c8d2618854a47d", "key": "description"}, {"hash": "aeefd78872aa2562c108fa508b008d96", "key": "affectedPackage"}, {"hash": "b6e05c73864e9bad54c1595978023fb8", "key": "href"}, {"hash": "4913a9178621eadcdf191db17915fbcb", "key": "bulletinFamily"}, {"hash": "1527e888767cdce15d200b870b39cfd0", "key": "type"}, {"hash": "dd5810c845ba09ba24f978e1da5a0768", "key": "title"}, {"hash": "1bbcc7f6761b1ec7cc6199edc64b4150", "key": "published"}, {"hash": "3b51390110b6833654e9e07a9db92ad2", "key": "cvelist"}], "history": [], "href": "https://vuxml.freebsd.org/freebsd/a3495e61-047f-11eb-86ea-001b217b3468.html", "id": "A3495E61-047F-11EB-86EA-001B217B3468", "lastseen": "2020-10-14T13:00:57", "modified": "2020-10-01T00:00:00", "objectVersion": "1.3", "published": "2020-10-01T00:00:00", "references": ["https://about.gitlab.com/releases/2020/10/01/security-release-13-4-2-release/"], "reporter": "FreeBSD", "title": "Gitlab -- multiple vulnerabilities", "type": "freebsd", "viewCount": 24}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2020-10-14T13:00:57"}], "edition": 5, "hashmap": [{"key": "affectedPackage", "hash": "aeefd78872aa2562c108fa508b008d96"}, {"key": "bulletinFamily", "hash": "4913a9178621eadcdf191db17915fbcb"}, {"key": "cvelist", "hash": "3b51390110b6833654e9e07a9db92ad2"}, {"key": "cvss", "hash": "d21ac811d9123f8b274b461d7e2281ad"}, {"key": "cvss2", "hash": "0ca2d6efb802867b14c302da6ced2d80"}, {"key": "cvss3", "hash": "c075811a601fbb3d723770b5f87d7f78"}, {"key": "description", "hash": "ea75308e4a1ded5046c8d2618854a47d"}, {"key": "href", "hash": "b6e05c73864e9bad54c1595978023fb8"}, {"key": "immutableFields", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "modified", "hash": "1bbcc7f6761b1ec7cc6199edc64b4150"}, {"key": "published", "hash": "1bbcc7f6761b1ec7cc6199edc64b4150"}, {"key": "references", "hash": "e2030ad9ee2a3a63e0dc67dfe7db125a"}, {"key": "reporter", "hash": "a3dc630729e463135f4e608954fa6e19"}, {"key": "title", "hash": "dd5810c845ba09ba24f978e1da5a0768"}, {"key": "type", "hash": "1527e888767cdce15d200b870b39cfd0"}], "hash": "5b7a162b28e9a356555bb7f65c1d8245374057b6a2d27a0a92d51a714cbfe7f9", "viewCount": 31, "enchantments": {"dependencies": {"references": [{"type": "nessus", "idList": ["FREEBSD_PKG_A3495E61047F11EB86EA001B217B3468.NASL"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-13327", "UB:CVE-2020-13335", "UB:CVE-2020-13333", "UB:CVE-2020-13334"]}, {"type": "cve", "idList": ["CVE-2020-13335", "CVE-2020-13334", "CVE-2020-13333", "CVE-2020-13327", "CVE-2020-13332"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-13335", "DEBIANCVE:CVE-2020-13334", "DEBIANCVE:CVE-2020-13333", "DEBIANCVE:CVE-2020-13327"]}], "modified": "2021-07-28T14:32:44", "rev": 2}, "score": {"value": 5.3, "vector": "NONE", "modified": "2021-07-28T14:32:44", "rev": 2}}, "objectVersion": "1.6", "affectedPackage": [{"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "eq", "packageFilename": "UNKNOWN", "packageName": "gitlab-ce", "packageVersion": "13.4.0"}, {"OS": "FreeBSD", "OSVersion": "any", "arch": "noarch", "operator": "lt", "packageFilename": "UNKNOWN", "packageName": "gitlab-ce", "packageVersion": "13.4.2"}], "scheme": null, "immutableFields": [], "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 5.9}}]}