The Grit gem for Ruby, as used in GitLab 5.2 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands, as demonstrated by the search box for the GitLab code search feature.
References
Link | Resource |
---|---|
https://www.gitlab.com/2013/11/04/gitlab-ce-6-2-and-5-4-security-release/ | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2014-05-17T20:00:00
Updated: 2014-05-17T19:57:00
Reserved: 2013-06-12T00:00:00
Link: CVE-2013-4489
JSON object: View
NVD Information
Status : Analyzed
Published: 2014-05-17T20:55:02.087
Modified: 2014-05-19T16:38:35.793
Link: CVE-2013-4489
JSON object: View
Redhat Information
No data.
CWE