Skip to main content

Gitlab Shell

3 CVEs product

Monthly

CVE-2013-4546 MEDIUM PATCH This Month

The repository import feature in gitlab-shell before 1.7.4, as used in GitLab, allows remote authenticated users to execute arbitrary commands via the import URL. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Gitlab Information Disclosure Gitlab Shell
NVD
CVSS 2.0
6.5
EPSS
0.2%
CVE-2013-4490 MEDIUM POC PATCH THREAT This Month

The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before 1.7.3, as used in GitLab 5.0 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 49.8%.

Gitlab Information Disclosure Gitlab Shell
NVD Exploit-DB
CVSS 2.0
6.5
EPSS
49.8%
Threat
4.3
CVE-2013-4581 MEDIUM PATCH This Month

GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote attackers to execute arbitrary code via a crafted change using SSH. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Gitlab Code Injection Gitlab Shell
NVD
CVSS 2.0
6.8
EPSS
1.1%
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

The repository import feature in gitlab-shell before 1.7.4, as used in GitLab, allows remote authenticated users to execute arbitrary commands via the import URL. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Gitlab Information Disclosure Gitlab Shell
NVD
EPSS 50% 4.3 CVSS 6.5
MEDIUM POC PATCH THREAT This Month

The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before 1.7.3, as used in GitLab 5.0 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 49.8%.

Gitlab Information Disclosure Gitlab Shell
NVD Exploit-DB
EPSS 1% CVSS 6.8
MEDIUM PATCH This Month

GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote attackers to execute arbitrary code via a crafted change using SSH. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. This Code Injection vulnerability could allow attackers to inject and execute arbitrary code within the application.

RCE Gitlab Code Injection +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy