Vulnerabilities (CVE)

Filtered by vendor Gitlab Subscribe

Filtered by product Gitlab-shell

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2013-4546	1 Gitlab	2 Gitlab, Gitlab-shell	2014-05-14	6.5 MEDIUM	N/A
The repository import feature in gitlab-shell before 1.7.4, as used in GitLab, allows remote authenticated users to execute arbitrary commands via the import URL.
CVE-2013-4490	1 Gitlab	2 Gitlab, Gitlab-shell	2014-05-14	6.5 MEDIUM	N/A
The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before 1.7.3, as used in GitLab 5.0 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands via shell metacharacters in the public key.
CVE-2013-4581	1 Gitlab	2 Gitlab, Gitlab-shell	2014-05-12	6.8 MEDIUM	N/A
GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote attackers to execute arbitrary code via a crafted change using SSH.