CVE-2017-0925

EPSS 0.9%CWE-522

Gitlab Enterprise Edition version 10.1.0 is vulnerable to an insufficiently protected credential issue in the project service integration API endpoint resulting in an information disclosure of plaintext password.

Productos afectados

GitLab · GitLab Community and Enterprise Editions

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/https://gitlab.com/gitlab-org/gitlab-ee/issues/3847 https://www.debian.org/security/2018/dsa-4145