6.5
CVE-2013-4490
- EPSS 49.78%
- Veröffentlicht 13.05.2014 15:55:03
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
LoginThe SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before 1.7.3, as used in GitLab 5.0 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands via shell metacharacters in the public key.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Gitlab ≫ Gitlab-shell Version <= 1.7.2
Gitlab ≫ Gitlab-shell Version1.0.4
Gitlab ≫ Gitlab-shell Version1.1.0
Gitlab ≫ Gitlab-shell Version1.2.0
Gitlab ≫ Gitlab-shell Version1.3.0
Gitlab ≫ Gitlab-shell Version1.4.0
Gitlab ≫ Gitlab-shell Version1.5.0
Gitlab ≫ Gitlab-shell Version1.6.0
Gitlab ≫ Gitlab-shell Version1.7.0
Gitlab ≫ Gitlab-shell Version1.7.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 49.78% | 0.977 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 8 | 6.4 |
AV:N/AC:L/Au:S/C:P/I:P/A:P
|