Gitlab Shell
Approved changes feed: RSS · Atom
cpe:2.3:a:gitlab:gitlab-shell:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Gitlab (57573e99-56e6-5fad-895e-0ce7fffc5b90) |
|---|---|
| Product | Gitlab Shell (7dbc690a-6d26-5eed-9424-370abf39e288) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:deb/debian/gitlab-shell |
purl2cpe | 2026-06-01 10:14:46.066270 |
pkg:deb/ubuntu/gitlab-shell |
purl2cpe | 2026-06-01 10:14:46.066273 |
pkg:github/gitlabhq/gitlab-shell |
purl2cpe | 2026-06-01 10:14:46.066275 |
pkg:gitlab/gitlab-org/gitlab-shell |
purl2cpe | 2026-06-01 10:14:46.066278 |
pkg:rpm/opensuse/gitlab-shell |
purl2cpe | 2026-06-01 10:14:46.066281 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2013-4583 |
vulnerable | 2026-06-03 14:33:18.303970 |
Details available
The parse_cmd function in lib/gitlab_shell.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote authenticated users to gain privileges and clone arbitrary repositories.
Published: 2020-01-28T15:11:45.000Z
Updated: 2024-08-06T16:45:14.926Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2013-4582 |
vulnerable | 2026-06-03 14:33:18.303393 |
Details available
The (1) create_branch, (2) create_tag, (3) import_project, and (4) fork_project functions in lib/gitlab_projects.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote authenticated users to include information from local files into the metadata of a Git repository via the web interface.
Published: 2020-01-28T15:17:23.000Z
Updated: 2024-08-06T16:45:15.169Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2013-4581 |
vulnerable | 2026-06-03 14:33:18.288183 |
Details available
GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote attackers to execute arbitrary code via a crafted change using SSH.
Published: 2014-05-12T14:00:00.000Z
Updated: 2024-08-06T16:45:14.854Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2013-4546 |
vulnerable | 2026-06-03 14:33:17.991129 |
Details available
The repository import feature in gitlab-shell before 1.7.4, as used in GitLab, allows remote authenticated users to execute arbitrary commands via the import URL.
Published: 2014-05-13T15:00:00.000Z
Updated: 2024-08-06T16:45:15.033Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2013-4490 |
vulnerable | 2026-06-03 14:33:17.210520 |
Details available
The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before 1.7.3, as used in GitLab 5.0 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands via shell metacharacters in the public key.
Published: 2014-05-13T15:00:00.000Z
Updated: 2024-08-06T16:45:14.763Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.