Multiple versions of GitLab expose sensitive user credentials when assigning a user to an issue or merge request. A fix was included in versions 8.15.8, 8.16.7, and 8.17.4, which were released on March 20th 2017 at 23:59 UTC.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Gitlab |
|
Configuration 1 [-]
|
No data.
No data.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2017-1236 | Multiple versions of GitLab expose sensitive user credentials when assigning a user to an issue or merge request. A fix was included in versions 8.15.8, 8.16.7, and 8.17.4, which were released on March 20th 2017 at 23:59 UTC. |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: hackerone
Published:
Updated: 2024-08-05T13:18:06.474Z
Reserved: 2016-11-30T00:00:00
Link: CVE-2017-0882
Vulnrichment
No data.
NVD
Status : Deferred
Published: 2017-03-28T02:59:01.497
Modified: 2025-04-20T01:37:25.860
Link: CVE-2017-0882
Redhat
No data.
OpenCVE Enrichment
No data.