CVE-2013-4582

CWE-8295 documents5 sources

Severity

6.5MEDIUM

EPSS

0.2%

top 61.80%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Gitlab Gitlab Gitlab Gitlab-shell Gitlab Gitlab Community Edition +1 more

Timeline

PublishedJan 28

Latest updateMay 5

Description

The (1) create_branch, (2) create_tag, (3) import_project, and (4) fork_project functions in lib/gitlab_projects.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote authenticated users to include information from local files into the metadata of a Git repository via the web interface.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages6 packages

▶CVEListV5gitlab/gitlab_community_editionbefore 6.2.4

▶CVEListV5gitlab/gitlab_enterprise_editionbefore 6.2.1

▶NVDgitlab/gitlab-shell< 1.7.8

▶CVEListV5gitlab/gitlab-shellbefore 1.7.8

▶NVDgitlab/gitlab5.0.0 — 5.4.2+2

🔴Vulnerability Details

GHSA

GHSA-wpgv-98gg-67q7: The (1) create_branch, (2) create_tag, (3) import_project, and (4) fork_project functions in lib/gitlab_projects↗2022-05-05

▶

CVEList

CVE-2013-4582: The (1) create_branch, (2) create_tag, (3) import_project, and (4) fork_project functions in lib/gitlab_projects↗2020-01-28

▶

📋Vendor Advisories

GitLab

CVE-2013-4582: The (1) create_branch, (2) create_tag, (3) import_project, and (4) fork_project functions in lib/gitlab_projects.rb in GitLab 5.0 before 5.4.2, Commun↗2020-01-28

▶

Debian

CVE-2013-4582: gitlab - The (1) create_branch, (2) create_tag, (3) import_project, and (4) fork_project ...↗2013

▶