CVE-2013-4546

Currently unrated

Key Information:

Vendor: Gitlab
Status: Gitlab; Gitlab-shell
Vendor: CVE Published:; 13 May 2014

Summary

The repository import feature in gitlab-shell before 1.7.4, as used in GitLab, allows remote authenticated users to execute arbitrary commands via the import URL.

References

https://www.gitlab.com/2013/11/08/security-vulnerability-...

x_refsource_CONFIRM

http://www.openwall.com/lists/oss-security/2013/11/11/2

mailing-listx_refsource_MLIST

https://gitlab.com/gitlab-org/gitlab-shell/blob/master/CH...

x_refsource_CONFIRM

Timeline

Vulnerability published
May 13, 2014
Vulnerability Reserved
Jun 12, 2013

Collectors

NVD DatabaseMitre Database