<p>Upgrade <code>Debian:unstable</code> <code>gitlab</code> to version 10.5.5+dfsg-1 or higher.</p>

Improper Input Validation Affecting gitlab package, versions <10.5.5+dfsg-1

Threat Intelligence

4.17% (93^rd percentile)

Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Snyk ID SNYK-DEBIANUNSTABLE-GITLAB-317181
published 21 Mar 2018
disclosed 21 Mar 2018

Report a new vulnerability Found a mistake?

Introduced: 21 Mar 2018

CVE-2017-0915 Open this link in a new tab CWE-20 Open this link in a new tab CWE-77 Open this link in a new tab

How to fix?

Upgrade Debian:unstable gitlab to version 10.5.5+dfsg-1 or higher.

NVD Description

Note: Versions mentioned in the description apply only to the upstream gitlab package and not the gitlab package as distributed by Debian. See How to fix? for Debian:unstable relevant fixed versions and status.

Gitlab Community Edition version 10.2.4 is vulnerable to a lack of input validation in the GitlabProjectsImportService resulting in remote code execution.

Improper Input Validation Affecting gitlab package, versions <10.5.5+dfsg-1

Severity

Snyk's Security Team recommends NVD's CVSS assessment

Threat Intelligence

Introduced: 21 Mar 2018

How to fix?

NVD Description

References