The Grit gem for Ruby, as used in GitLab 5.2 prior to 5.4.1 and 6.x prior to 6.2.3, allows remote authenticated users to execute arbitrary commands, as demonstrated by the search box for the GitLab code search feature.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gitlab gitlab 6.0.0 |
||
gitlab gitlab 6.1.0 |
||
gitlab gitlab 5.4.0 |
||
gitlab gitlab 6.2.0 |
||
gitlab gitlab 6.2.2 |
||
gitlab gitlab 5.3.0 |
||
gitlab gitlab 6.2.1 |
||
gitlab gitlab 5.2.0 |