Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2016-9086

GitLab versions 8.9.x and above contain a critical security flaw in the "import/export project" feature of GitLab. Added in GitLab 8.9, this feature allows a user to export and then re-import their projects as tape archive files (tar). All GitLab versions prior to 8.13.0 restricted this feature to administrators only. Starting with version 8.13.0 this feature was made available to all users. This feature did not properly check for symbolic links in user-provided archives and therefore it was possible for an authenticated user to retrieve the contents of any file accessible to the GitLab service account. This included sensitive files such as those that contain secret tokens used by the GitLab service to authenticate users. GitLab CE and EE versions 8.13.0 through 8.13.2, 8.12.0 through 8.12.7, 8.11.0 through 8.11.10, 8.10.0 through 8.10.12, and 8.9.0 through 8.9.11 are affected.

Published

2016-11-03T10:59:09.763

Last Modified

2025-04-12T10:46:40.837

Status

Deferred

Source

[email protected]

Severity

CVSSv3.0: 6.5 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:S/C:P/I:N/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: NONE

Exploitability Score

8.0

Impact Score

2.9

Weaknesses

Type: Primary
CWE-200

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	gitlab	gitlab	8.9.0	Yes
Application	gitlab	gitlab	8.9.1	Yes
Application	gitlab	gitlab	8.9.2	Yes
Application	gitlab	gitlab	8.9.3	Yes
Application	gitlab	gitlab	8.9.4	Yes
Application	gitlab	gitlab	8.9.5	Yes
Application	gitlab	gitlab	8.9.6	Yes
Application	gitlab	gitlab	8.9.7	Yes
Application	gitlab	gitlab	8.9.8	Yes
Application	gitlab	gitlab	8.9.9	Yes
Application	gitlab	gitlab	8.9.10	Yes
Application	gitlab	gitlab	8.9.11	Yes
Application	gitlab	gitlab	8.10.0	Yes
Application	gitlab	gitlab	8.10.1	Yes
Application	gitlab	gitlab	8.10.2	Yes
Application	gitlab	gitlab	8.10.3	Yes
Application	gitlab	gitlab	8.10.4	Yes
Application	gitlab	gitlab	8.10.5	Yes
Application	gitlab	gitlab	8.10.6	Yes
Application	gitlab	gitlab	8.10.7	Yes
Application	gitlab	gitlab	8.10.8	Yes
Application	gitlab	gitlab	8.10.9	Yes
Application	gitlab	gitlab	8.10.10	Yes
Application	gitlab	gitlab	8.10.11	Yes
Application	gitlab	gitlab	8.10.12	Yes
Application	gitlab	gitlab	8.11.0	Yes
Application	gitlab	gitlab	8.11.1	Yes
Application	gitlab	gitlab	8.11.2	Yes
Application	gitlab	gitlab	8.11.3	Yes
Application	gitlab	gitlab	8.11.4	Yes
Application	gitlab	gitlab	8.11.5	Yes
Application	gitlab	gitlab	8.11.6	Yes
Application	gitlab	gitlab	8.11.7	Yes
Application	gitlab	gitlab	8.11.8	Yes
Application	gitlab	gitlab	8.11.9	Yes
Application	gitlab	gitlab	8.12.0	Yes
Application	gitlab	gitlab	8.12.1	Yes
Application	gitlab	gitlab	8.12.2	Yes
Application	gitlab	gitlab	8.12.3	Yes
Application	gitlab	gitlab	8.12.4	Yes
Application	gitlab	gitlab	8.12.5	Yes
Application	gitlab	gitlab	8.12.6	Yes
Application	gitlab	gitlab	8.12.7	Yes
Application	gitlab	gitlab	8.13.0	Yes
Application	gitlab	gitlab	8.13.1	Yes
Application	gitlab	gitlab	8.13.2	Yes

References

http://www.securityfocus.com/bid/94136 Third Party Advisory, VDB Entry ([email protected])
https://about.gitlab.com/2016/11/02/cve-2016-9086-patches/ Mitigation, Patch, Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/94136 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
https://about.gitlab.com/2016/11/02/cve-2016-9086-patches/ Mitigation, Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)