5 matches found
GitLab Community Edition 4.2.x - 5.4.0, 6.x - 6.2.2 Multiple Vulnerabilities
GitLab is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if description...
CVE-2013-4490
creationtimestamp| type| source ---|---|--- 2014-08-19 00:00:00+00:00| confirmed| https://www.exploit-db.com/exploits/34362 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/gitlabshellexec.rb 2025-02-06 03:13:41+00:00| seen|...
Gitlab-shell Code Execution Exploit
This Metasploit module takes advantage of the addition of authorized ssh keys in the gitlab-shell functionality of Gitlab. Versions of gitlab-shell prior to 1.7.4 used the ssh key provided directly in a system call resulting in a command injection vulnerability. As this relies on adding an ssh ke...
Gitlab-shell Code Execution
This module takes advantage of the addition of authorized ssh keys in the gitlab-shell functionality of Gitlab. Versions of gitlab-shell prior to 1.7.4 used the ssh key provided directly in a system call resulting in a command injection vulnerability. As this relies on adding an ssh key to an...
CVE-2013-4490
Summary (CVE-2013-4490) : The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before 1.7.3 allows a remote authenticated user to execute arbitrary commands via shell metacharacters in a public key. Affected environments include GitLab 5.0 before 5.4.1 and 6.x before 6.2.3 when using t...