CVE-2013-4583
published 2020-01-28CVE-2013-4583: The parse_cmd function in lib/gitlab_shell.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1 and gitlab-shell…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
The parse_cmd function in lib/gitlab_shell.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote authenticated users to gain privileges and clone arbitrary repositories.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | gitlab | — | — |
| gitlab | gitlab | — | — |
| gitlab | gitlab | — | — |
| gitlab | gitlab | >= 5.0.0 < 5.4.2 | 5.4.2 |
| gitlab | gitlab | >= 6.0.0 < 6.2.1 | 6.2.1 |
| gitlab | gitlab | >= 6.0.0 < 6.2.4 | 6.2.4 |
| gitlab | gitlab-shell | < 1.7.8 | 1.7.8 |
| gitlab | gitlab-shell | — | — |
| gitlab | gitlab_community_edition | — | — |
| gitlab | gitlab_enterprise_edition | — | — |