Vulnerabilities > Gitlab > Gitlab > 10.1.3

DATE CVE VULNERABILITY TITLE RISK
2018-03-21 CVE-2017-0915 Improper Input Validation vulnerability in Gitlab
Gitlab Community Edition version 10.2.4 is vulnerable to a lack of input validation in the GitlabProjectsImportService resulting in remote code execution.
network
low complexity
gitlab debian CWE-20
7.5
7.5
2018-03-21 CVE-2017-0914 SQL Injection vulnerability in Gitlab
Gitlab Community and Enterprise Editions version 10.1, 10.2, and 10.2.4 are vulnerable to a SQL injection in the MilestoneFinder component resulting in disclosure of all data in a GitLab instance's database.
network
low complexity
gitlab CWE-89
5.0
5.0