CVE-2017-0927

NameCVE-2017-0927
DescriptionGitlab Community Edition version 10.3 is vulnerable to an improper authorization issue in the deployment keys component resulting in unauthorized use of deployment keys by guest users.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)
Debian Bugs888508

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
gitlab (PTS)sid/contrib13.4.7-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
gitlabsourcestretch(not affected)
gitlabsource(unstable)10.5.5+dfsg-1888508

Notes

[stretch] - gitlab <not-affected> (Doesn't affect 8.x)
https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/

Search for package or bug name: Reporting problems