CVE-2018-3710
published 2018-03-21CVE-2018-3710: Gitlab Community and Enterprise Editions version 10.3.3 is vulnerable to an Insecure Temporary File in the project import component resulting remote code…
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
Gitlab Community and Enterprise Editions version 10.3.3 is vulnerable to an Insecure Temporary File in the project import component resulting remote code execution.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | gitlab | < gitlab 10.5.5+dfsg-1 (sid) | gitlab 10.5.5+dfsg-1 (sid) |
| gitlab | gitlab | <= 10.2.5 | — |
| gitlab | gitlab | <= 10.3.3 | — |
| gitlab | gitlab | — | — |
| gitlab | gitlab | 10.0.0 – 10.1.5 | — |
| gitlab | gitlab | 10.0.0 – 10.1.15 | — |
| gitlab | gitlab | 10.2.0 – 10.2.5 | — |
| gitlab | gitlab | 10.3.0 – 10.3.3 | — |
| gitlab | gitlab | 8.9.0 – 9.5.10 | — |
| gitlab | gitlab_community_and_enterprise_editions | — | — |
| gitlab | gitlab_community_and_enterprise_editions | — | — |
| gitlab | gitlab_community_and_enterprise_editions | — | — |