Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-4490HistoryMay 13, 2014 - 3:55 p.m.
CVE-2013-4490
2014-05-1315:55:03
Debian Security Bug Tracker
security-tracker.debian.org
8
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.222 Low
EPSS
Percentile
96.5%
The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before 1.7.3, as used in GitLab 5.0 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands via shell metacharacters in the public key.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 999 | all | gitlab | < 16.8.4-1 | gitlab_16.8.4-1_all.deb |
Related
zdt
zdt
Gitlab-shell Code Execution Exploit
2014-08-18 00:00:00
packetstorm
packetstorm
Gitlab-shell Code Execution
2014-08-18 00:00:00
cvelist
cvelist
CVE-2013-4490
2014-05-13 15:00:00
cve
cve
CVE-2013-4490
2014-05-13 15:55:03
prion
prion
Design/Logic Flaw
2014-05-13 15:55:00
nvd
nvd
CVE-2013-4490
2014-05-13 15:55:03
openvas
openvas
GitLab Community Edition 4.2.x - 5.4.0, 6.x - 6.2.2 Multiple Vulnerabilities
2022-03-28 00:00:00
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.222 Low
EPSS
Percentile
96.5%
Related for DEBIANCVE:CVE-2013-4490