CVE-2017-0927

Source
https://nvd.nist.gov/vuln/detail/CVE-2017-0927
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-0927.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2017-0927
Published
2018-03-21T20:29:00Z
Modified
2025-01-13T09:47:57.559055Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
Summary
[none]
Details

Gitlab Community Edition version 10.3 is vulnerable to an improper authorization issue in the deployment keys component resulting in unauthorized use of deployment keys by guest users.

References

Affected packages

Git / gitlab.com/gitlab-org/gitlab

Affected versions

v10.*

v10.2.0
v10.2.0-ee
v10.2.1
v10.2.1-ee
v10.2.2
v10.2.2-ee
v10.2.3
v10.2.3-ee
v10.2.4
v10.2.4-ee
v10.2.5-ee
v10.3.0
v10.3.0-ee
v10.3.0-rc5
v10.3.1
v10.3.1-ee
v10.3.2
v10.3.2-ee
v10.3.3-ee