Lucene search
GoogleOSV:CVE-2017-0920HistoryMar 22, 2018 - 3:29 p.m.
CVE-2017-0920
2018-03-2215:29:00
Google
osv.dev
2
GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an authorization bypass issue in the Projects::MergeRequests::CreationsController component resulting in an attacker to see every project name and their respective namespace on a GitLab instance.
| CPE | Name | Operator | Version |
|---|---|---|---|
| gitlab | eq | 10.3.1-ee | |
| gitlab | eq | 10.3.0-ee | |
| gitlab | eq | 8.12.0-rc2-ee | |
| gitlab | eq | 8.11.0-rc6-ee | |
| gitlab | eq | 10.1.2 | |
| gitlab | eq | 9.6.0.pre | |
| gitlab | eq | 10.1.3-ee | |
| gitlab | eq | 10.3.0-rc3-ee | |
| gitlab | eq | 10.2.0-rc3-ee | |
| gitlab | eq | 10.1.0-ee |
Related
debian
debian
[SECURITY] [DSA 4206-2] gitlab regression update
2018-05-26 13:29:30
[SECURITY] [DSA 4206-2] gitlab regression update
2018-05-26 13:29:30
[SECURITY] [DSA 4206-1] gitlab security update
2018-05-21 16:47:29
cve
cve
CVE-2017-0920
2018-03-22 15:29:00
debiancve
debiancve
CVE-2017-0920
2018-03-22 15:29:00
nvd
nvd
CVE-2017-0920
2018-03-22 15:29:00
prion
prion
Authorization
2018-03-22 15:29:00
cvelist
cvelist
CVE-2017-0920
2018-03-22 15:00:00
ubuntucve
ubuntucve
CVE-2017-0920
2018-03-22 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-4206-1)
2018-05-20 00:00:00
osv
osv
gitlab - security update
2018-05-21 00:00:00
nessus
nessus
Debian DSA-4206-1 : gitlab - security update
2018-05-23 00:00:00