CVE-2013-4489

EUVD-2022-3296
The Grit gem for Ruby, as used in GitLab 5.2 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands, as demonstrated by the search box for the GitLab code search feature.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 42%
Affected Products (NVD)
VendorProductVersion
gitlabgitlab
5.2.0
gitlabgitlab
5.3.0
gitlabgitlab
5.4.0
gitlabgitlab
6.0.0
gitlabgitlab
6.1.0
gitlabgitlab
6.2.0
gitlabgitlab
6.2.1
gitlabgitlab
6.2.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
gitlab
sid
16.8.4-1
fixed
References
https://www.gitlab.com/2013/11/04/gitlab-ce-6-2-and-5-4-security-release/
https://www.gitlab.com/2013/11/04/gitlab-ce-6-2-and-5-4-security-release/