Lucene search
HackeroneCVELIST:CVE-2017-0914HistoryMar 21, 2018 - 8:00 p.m.
CVE-2017-0914
2018-03-2120:00:00
CWE-89
hackerone
www.cve.org
0.001 Low
EPSS
Percentile
48.5%
Gitlab Community and Enterprise Editions version 10.1, 10.2, and 10.2.4 are vulnerable to a SQL injection in the MilestoneFinder component resulting in disclosure of all data in a GitLab instance’s database.
CNA Affected
[
{
"product": "GitLab Community and Enterprise Editions",
"vendor": "GitLab",
"versions": [
{
"status": "affected",
"version": "9.1.0 - 10.1.5 Fixed in 10.1.6"
},
{
"status": "affected",
"version": "10.2.0 - 10.2.5 Fixed in 10.2.6"
},
{
"status": "affected",
"version": "10.3.0 - 10.3.3 Fixed in 10.3.4"
}
]
}
]Related
ubuntucve
ubuntucve
CVE-2017-0914
2018-03-21 00:00:00
openvas
openvas
osv
osv
CVE-2017-0914
2018-03-21 20:29:00
prion
prion
Sql injection
2018-03-21 20:29:00
hackerone
hackerone
GitLab: SQL injection in MilestoneFinder order method
2017-12-15 03:15:38
debiancve
debiancve
CVE-2017-0914
2018-03-21 20:29:00
cve
cve
CVE-2017-0914
2018-03-21 20:29:00
nvd
nvd
CVE-2017-0914
2018-03-21 20:29:00