GCVE - cpe:2.3:a:gitlab:gitlab:5.0.0:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:gitlab:gitlab:5.0.0:*:*:*:*:*:*:*

part: a version: 5.0.0 update: *

Vendor	Gitlab (`57573e99-56e6-5fad-895e-0ce7fffc5b90`)
Product	Gitlab (`5414fcda-a172-5f72-b6e4-b415a19d21eb`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:gitlab/gitlab-org/gitlab`	purl2cpe	2026-06-01 10:14:46.446796

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2013-4581`	vulnerable	2026-06-03 14:33:18.298815	Details available GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote attackers to execute arbitrary code via a crafted change using SSH. Published: 2014-05-12T14:00:00.000Z Updated: 2024-08-06T16:45:14.854Z Open on db.gcve.eu Reference links http://www.openwall.com/lists/oss-security/2013/11/15/4 https://www.gitlab.com/2013/11/14/multiple-critical-vulnerabilities-in-gitlab/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-4580`	vulnerable	2026-06-03 14:33:18.240911	Details available GitLab before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1, when using a MySQL backend, allows remote attackers to impersonate arbitrary users and bypass authentication via unspecified API calls. Published: 2014-05-12T14:00:00.000Z Updated: 2024-08-06T16:45:14.838Z Open on db.gcve.eu Reference links http://www.openwall.com/lists/oss-security/2013/11/15/4 https://www.gitlab.com/2013/11/14/multiple-critical-vulnerabilities-in-gitlab/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-4546`	vulnerable	2026-06-03 14:33:17.988950	Details available The repository import feature in gitlab-shell before 1.7.4, as used in GitLab, allows remote authenticated users to execute arbitrary commands via the import URL. Published: 2014-05-13T15:00:00.000Z Updated: 2024-08-06T16:45:15.033Z Open on db.gcve.eu Reference links https://www.gitlab.com/2013/11/08/security-vulnerability-in-gitlab-shell/ http://www.openwall.com/lists/oss-security/2013/11/11/2 https://gitlab.com/gitlab-org/gitlab-shell/blob/master/CHANGELOG	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-4490`	vulnerable	2026-06-03 14:33:17.207685	Details available The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before 1.7.3, as used in GitLab 5.0 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands via shell metacharacters in the public key. Published: 2014-05-13T15:00:00.000Z Updated: 2024-08-06T16:45:14.763Z Open on db.gcve.eu Reference links https://www.gitlab.com/2013/11/04/gitlab-ce-6-2-and-5-4-security-release/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.