The SSH key upload feature (lib/gitlab_keys.rb) in gitlab-shell before 1.7.3, as used in GitLab 5.0 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands via shell metacharacters in the public key.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2014-05-13T15:00:00
Updated: 2024-08-06T16:45:14.763Z
Reserved: 2013-06-12T00:00:00
Link: CVE-2013-4490
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2014-05-13T15:55:03.937
Modified: 2014-05-14T15:49:13.363
Link: CVE-2013-4490
Redhat
No data.