GCVE - cpe:2.3:a:gitlab:gitlab:9.1.3:*:*:*:enterprise:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:gitlab:gitlab:9.1.3:*:*:*:enterprise:*:*:*

part: a version: 9.1.3 update: *

Vendor	Gitlab (`57573e99-56e6-5fad-895e-0ce7fffc5b90`)
Product	Gitlab (`5414fcda-a172-5f72-b6e4-b415a19d21eb`)
Edition	*
Language	*
Software edition	enterprise
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:gitlab/gitlab-org/gitlab`	purl2cpe	2026-06-01 10:14:46.448155

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2017-12426`	vulnerable	2026-06-03 14:36:35.986559	Details available GitLab Community Edition (CE) and Enterprise Edition (EE) before 8.17.8, 9.0.x before 9.0.13, 9.1.x before 9.1.10, 9.2.x before 9.2.10, 9.3.x before 9.3.10, and 9.4.x before 9.4.4 might allow remote attackers to execute arbitrary code via a crafted SSH URL in a project import. Published: 2017-08-14T21:00:00.000Z Updated: 2024-08-05T18:36:56.379Z Open on db.gcve.eu Reference links https://about.gitlab.com/2017/08/10/gitlab-9-dot-4-dot-4-released/ https://www.mail-archive.com/linux-kernel%40vger.kernel.org/msg1466490.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-11438`	vulnerable	2026-06-03 14:36:28.531196	Details available GitLab Community Edition (CE) and Enterprise Edition (EE) before 9.0.11, 9.1.8, 9.2.8 allow an authenticated user with the ability to create a group to add themselves to any project that is inside a subgroup. Published: 2017-08-02T19:00:00.000Z Updated: 2024-08-05T18:12:39.758Z Open on db.gcve.eu Reference links https://about.gitlab.com/2017/07/19/gitlab-9-dot-3-dot-8-released/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-11437`	vulnerable	2026-06-03 14:36:28.508801	Details available GitLab Enterprise Edition (EE) before 8.17.7, 9.0.11, 9.1.8, 9.2.8, and 9.3.8 allows an authenticated user with the ability to create a project to use the mirroring feature to potentially read repositories belonging to other users. Published: 2017-08-02T19:00:00.000Z Updated: 2024-08-05T18:12:39.910Z Open on db.gcve.eu Reference links https://about.gitlab.com/2017/07/19/gitlab-9-dot-3-dot-8-released/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.