CVE-2017-0916

Опубликовано: 21 мар. 2018

Источник: debian

Описание

Gitlab Community Edition version 10.3 is vulnerable to a lack of input validation in the system_hook_push queue through web hook component resulting in remote code execution.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
gitlab	fixed	10.5.5+dfsg-1		package

Примечания

https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/
https://gitlab.com/gitlab-org/gitlab-ce/commit/7fc0a6fc096768a5604d6dd24d7d952e53300c82

Связанные уязвимости

CVE-2017-0916

CVSS3: 9.8

ubuntu

около 7 лет назад

Gitlab Community Edition version 10.3 is vulnerable to a lack of input validation in the system_hook_push queue through web hook component resulting in remote code execution.

CVE-2017-0916

CVSS3: 9.8

nvd

около 7 лет назад

Gitlab Community Edition version 10.3 is vulnerable to a lack of input validation in the system_hook_push queue through web hook component resulting in remote code execution.

GHSA-47xx-c7pc-hm29

CVSS3: 9.8

github

около 3 лет назад

Gitlab Community Edition version 10.3 is vulnerable to a lack of input validation in the system_hook_push queue through web hook component resulting in remote code execution.