Gitlab Community and Enterprise Editions version 10.3.3 is vulnerable to an Insecure Temporary File in the project import component resulting remote code execution.
Creating and using insecure temporary files can leave application and system data vulnerable to attack.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Gitlab | Gitlab | 8.9.0 (including) | 9.5.10 (including) |
Gitlab | Ubuntu | artful | * |
Gitlab | Ubuntu | upstream | * |