GCVE - cpe:2.3:a:gitlab:gitlab:8.5.10:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:gitlab:gitlab:8.5.10:*:*:*:*:*:*:*

part: a version: 8.5.10 update: *

Vendor	Gitlab (`57573e99-56e6-5fad-895e-0ce7fffc5b90`)
Product	Gitlab (`5414fcda-a172-5f72-b6e4-b415a19d21eb`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:gitlab/gitlab-org/gitlab`	purl2cpe	2026-06-01 10:14:46.447827

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2016-4340`	vulnerable	2026-06-03 14:35:47.739137	Details available The impersonate feature in Gitlab 8.7.0, 8.6.0 through 8.6.7, 8.5.0 through 8.5.11, 8.4.0 through 8.4.9, 8.3.0 through 8.3.8, and 8.2.0 through 8.2.4 allows remote authenticated users to "log in" as any other user via unspecified vectors. Published: 2017-01-23T21:00:00.000Z Updated: 2024-08-06T00:25:14.505Z Open on db.gcve.eu Reference links https://about.gitlab.com/2016/05/02/cve-2016-4340-patches/ https://www.exploit-db.com/exploits/40236/ https://gitlab.com/gitlab-org/gitlab-ce/issues/15548 http://packetstormsecurity.com/files/138368/GitLab-Impersonate-Privilege-Escalation.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.