Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2020-13347
HistoryOct 07, 2020 - 2:15 p.m.

CVE-2020-13347

2020-10-0714:15:11
Google
osv.dev
9
command injection
gitlab runner
windows system
docker executor
arbitrary commands

AI Score

7.5

Confidence

High

EPSS

0.007

Percentile

80.5%

JSON

A command injection vulnerability was discovered in Gitlab runner versions prior to 13.2.4, 13.3.2 and 13.4.1. When the runner is configured on a Windows system with a docker executor, which allows the attacker to run arbitrary commands on Windows host, via DOCKER_AUTH_CONFIG build variable.

Related

prion 1
cvelist 1
debiancve 1
osv 1
ubuntucve 1
nvd 1
cve 1
prion
prion
Command injection
2020-10-07 14:15:00
cvelist
cvelist
CVE-2020-13347
2020-10-07 13:14:16
debiancve
debiancve
CVE-2020-13347
2020-10-07 14:15:11
osv
osv
BIT-gitlab-2020-13347
2024-03-06 11:21:39
ubuntucve
ubuntucve
CVE-2020-13347
2020-10-07 00:00:00
nvd
nvd
CVE-2020-13347
2020-10-07 14:15:11
cve
cve
CVE-2020-13347
2020-10-07 14:15:11

AI Score

7.5

Confidence

High

EPSS

0.007

Percentile

80.5%

JSON
Related for OSV:CVE-2020-13347
prion1cvelist1debiancve1osv1ubuntucve1nvd1cve1