Vulnerabilities > CVE-2013-4546 - Unspecified vulnerability in Gitlab and Gitlab-Shell
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The repository import feature in gitlab-shell before 1.7.4, as used in GitLab, allows remote authenticated users to execute arbitrary commands via the import URL.
Vulnerable Configurations
References
- http://www.openwall.com/lists/oss-security/2013/11/11/2
- http://www.openwall.com/lists/oss-security/2013/11/11/2
- https://gitlab.com/gitlab-org/gitlab-shell/blob/master/CHANGELOG
- https://gitlab.com/gitlab-org/gitlab-shell/blob/master/CHANGELOG
- https://www.gitlab.com/2013/11/08/security-vulnerability-in-gitlab-shell/
- https://www.gitlab.com/2013/11/08/security-vulnerability-in-gitlab-shell/