Gitlab Community and Enterprise Editions version 10.3.3 is vulnerable to an Insecure Temporary File in the project import component resulting remote code execution.
2018-03-21T20:29:01.027
2024-11-21T04:05:55.560
Modified
CVSSv3.1: 7.8 (HIGH)
AV:N/AC:M/Au:N/C:P/I:P/A:P
8.6
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | gitlab | gitlab | ≤ 9.5.10 | Yes |
| Application | gitlab | gitlab | ≤ 9.5.10 | Yes |
| Application | gitlab | gitlab | ≤ 10.1.5 | Yes |
| Application | gitlab | gitlab | ≤ 10.1.15 | Yes |
| Application | gitlab | gitlab | ≤ 10.2.5 | Yes |
| Application | gitlab | gitlab | ≤ 10.2.5 | Yes |
| Application | gitlab | gitlab | ≤ 10.3.3 | Yes |
| Application | gitlab | gitlab | ≤ 10.3.3 | Yes |
| Operating System | debian | debian_linux | 9.0 | Yes |