CVE-2020-26409

Summary

A DOS vulnerability exists in Gitlab CE/EE >=10.3, <13.4.7,>=13.5, <13.5.5,>=13.6, <13.6.2 that allows an attacker to trigger uncontrolled resource by bypassing input validation in markdown fields.

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab CE/EE>=10.3affected
GitLabGitLab CE/EE<13.4.7affected
GitLabGitLab CE/EE>=13.5affected
GitLabGitLab CE/EE<13.5.5affected
GitLabGitLab CE/EE>=13.6affected
GitLabGitLab CE/EE<13.6.2affected

Weaknesses

  • Uncontrolled resource consumption in GitLab

ADP Enrichment

CVE Program Container

Additional References

References