Описание
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- Vendor Advisory
- Broken Link
- Permissions RequiredThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party AdvisoryVDB Entry
- Vendor Advisory
- Broken Link
- Permissions RequiredThird Party Advisory
Уязвимые конфигурации
Одно из
EPSS
10 Critical
CVSS3
7.5 High
CVSS2
Дефекты
Связанные уязвимости
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution.
An issue has been discovered in GitLab CE/EE affecting all versions st ...
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution.
Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связанная с недостаточной проверкой входных данных, позволяющая нарушителю выполнить произвольные команды
EPSS
10 Critical
CVSS3
7.5 High
CVSS2