← back
CVE-2017-0925

CVE-2017-0925

EPSS 0.9%CWE-522
Gitlab Enterprise Edition version 10.1.0 is vulnerable to an insufficiently protected credential issue in the project service integration API endpoint resulting in an information disclosure of plaintext password.
Affected products
GitLab · GitLab Community and Enterprise Editions

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/https://gitlab.com/gitlab-org/gitlab-ee/issues/3847https://www.debian.org/security/2018/dsa-4145