Vulnerabilities > Gitlab > Gitlab > 10.2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-21 | CVE-2017-0918 | Path Traversal vulnerability in Gitlab Gitlab Community Edition version 10.3 is vulnerable to a path traversal issue in the GitLab CI runner component resulting in remote code execution. | 6.5 |
| 2018-03-21 | CVE-2017-0917 | Improper Input Validation vulnerability in multiple products Gitlab Community Edition version 10.2.4 is vulnerable to lack of input validation in the CI job component resulting in persistent cross site scripting. | 4.3 |
| 2018-03-21 | CVE-2017-0916 | Improper Input Validation vulnerability in Gitlab Gitlab Community Edition version 10.3 is vulnerable to a lack of input validation in the system_hook_push queue through web hook component resulting in remote code execution. | 7.5 |
| 2018-03-21 | CVE-2017-0915 | Improper Input Validation vulnerability in Gitlab Gitlab Community Edition version 10.2.4 is vulnerable to a lack of input validation in the GitlabProjectsImportService resulting in remote code execution. | 7.5 |
| 2018-03-21 | CVE-2017-0914 | SQL Injection vulnerability in Gitlab Gitlab Community and Enterprise Editions version 10.1, 10.2, and 10.2.4 are vulnerable to a SQL injection in the MilestoneFinder component resulting in disclosure of all data in a GitLab instance's database. | 5.0 |