Описание
An issue was discovered in the wiki API in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows for remote code execution.
Ссылки
- Vendor Advisory
- Broken LinkVendor Advisory
- Vendor Advisory
- Broken LinkVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 11.3.0 (включая) до 11.3.8 (исключая)Версия от 11.3.0 (включая) до 11.3.8 (исключая)Версия от 11.4.0 (включая) до 11.4.3 (исключая)Версия от 11.4.0 (включая) до 11.4.3 (исключая)
Одно из
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
EPSS
Процентиль: 98%
0.54969
Средний
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 9.8
ubuntu
больше 6 лет назад
An issue was discovered in the wiki API in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows for remote code execution.
CVSS3: 9.8
debian
больше 6 лет назад
An issue was discovered in the wiki API in GitLab Community and Enterp ...
CVSS3: 9.8
github
около 3 лет назад
An issue was discovered in the wiki API in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows for remote code execution.
EPSS
Процентиль: 98%
0.54969
Средний
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
NVD-CWE-noinfo