Gitlab Community Edition version 10.3 is vulnerable to a path traversal issue in the GitLab CI runner component resulting in remote code execution.
[
{
"product": "GitLab Community and Enterprise Editions",
"vendor": "GitLab",
"versions": [
{
"status": "affected",
"version": "8.4.0 - 10.1.5 Fixed in 10.1.6"
},
{
"status": "affected",
"version": "10.2.0 - 10.2.5 Fixed in 10.2.6"
},
{
"status": "affected",
"version": "10.3.0 - 10.3.3 Fixed in 10.3.4"
}
]
}
]