CVE-2017-0925

EPSS 0.9%CWE-522

Gitlab Enterprise Edition version 10.1.0 is vulnerable to an insufficiently protected credential issue in the project service integration API endpoint resulting in an information disclosure of plaintext password.

Produtos afetados

GitLab · GitLab Community and Enterprise Editions

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/https://gitlab.com/gitlab-org/gitlab-ee/issues/3847 https://www.debian.org/security/2018/dsa-4145