Security research

GitLab Remote Code Execution Vulnerability

0x00   Vulnerability number

Not yet assigned

0x01   Hazard level


0x02   Vulnerability overview

GitLab is an open source repository management system. It uses Git as its code management tool and builds a web service on top of it. Unprivileged but authenticated users can achieve code execution through attacker-controllable Markdown rendering, affecting GitLab Community and Enterprise editions.

0x03   Affected versions

GitLab < 13.9.4

GitLab < 13.8.6

GitLab < 13.7.9
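
To check an inventory of instances against the versions listed above, the following is an added example, not part of the original advisory. It assumes each listed threshold is the first fixed patch release of its 13.x branch; the function names, host names and sample inventory are constructed for illustration.

```python
import re

# Fixed releases from the "affected versions" list, keyed by (major, minor).
# Assumption: each threshold is the first fixed patch release of its branch.
FIXED_PATCH = {(13, 9): 4, (13, 8): 6, (13, 7): 9}


def parse_version(text):
    """Return (major, minor, patch) from strings such as '13.8.5-ee' or 'v13.9.4'."""
    match = re.match(r"\s*v?(\d+)\.(\d+)\.(\d+)", text)
    if match is None:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part) for part in match.groups())


def is_affected(text):
    """True if the version falls below the fixed release for its branch."""
    major, minor, patch = parse_version(text)
    branch = (major, minor)
    if branch in FIXED_PATCH:
        return patch < FIXED_PATCH[branch]
    # Branches older than 13.7 are below every listed threshold; branches
    # newer than 13.9 are above all of them.
    return branch < min(FIXED_PATCH)


def triage(inventory):
    """Map host -> version for every affected instance; unparsable entries are
    reported separately so they get checked by hand instead of being skipped."""
    affected, unknown = {}, []
    for host, version in inventory.items():
        try:
            if is_affected(version):
                affected[host] = version
        except ValueError:
            unknown.append(host)
    return affected, sorted(unknown)


# Constructed sample inventory (host names and versions are illustrative).
SAMPLE = {
    "git-a.example": "13.9.3-ee",
    "git-b.example": "13.9.4",
    "git-c.example": "13.8.5",
    "git-d.example": "13.6.7-ce",
    "git-e.example": "13.10.0",
    "git-f.example": "unknown",
}

if __name__ == "__main__":
    print(triage(SAMPLE))
```
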

0x04   Repair suggestions

The vendor has released fixed versions. Users are advised to upgrade to a fixed version:
