CVE-2016-9469 (GCVE-0-2016-9469)
Vulnerability from cvelistv5
Published
2017-03-28 02:46
Modified
2024-08-06 02:50
Severity ?
CWE
  • CWE-749 - Exposed Dangerous Method or Function ()
Summary
Multiple versions of GitLab expose a dangerous method to any authenticated user that could lead to the deletion of all Issue and MergeRequest objects on a GitLab instance. For GitLab instances with publicly available projects this vulnerability could be exploited by an unauthenticated user. A fix was included in versions 8.14.3, 8.13.8, and 8.12.11, which were released on December 5th 2016 at 3:59 PST. The GitLab versions vulnerable to this are 8.13.0, 8.13.0-ee, 8.13.1, 8.13.1-ee, 8.13.2, 8.13.2-ee, 8.13.3, 8.13.3-ee, 8.13.4, 8.13.4-ee, 8.13.5, 8.13.5-ee, 8.13.6, 8.13.6-ee, 8.13.7, 8.14.0, 8.14.0-ee, 8.14.1, 8.14.2, and 8.14.2-ee.
References
support@hackerone.com https://about.gitlab.com/2016/12/05/cve-2016-9469/ Patch, Vendor Advisory
support@hackerone.com https://gitlab.com/gitlab-org/gitlab-ce/commit/29ceb98b5162677601702704e89d845580372078 Patch, Vendor Advisory
support@hackerone.com https://gitlab.com/gitlab-org/gitlab-ce/commit/55196497301eea429913f9c4b1b37c42c2e358ce Patch, Vendor Advisory
support@hackerone.com https://gitlab.com/gitlab-org/gitlab-ce/commit/f325e4e734e5e486f3b02db176eb629124052b43 Patch, Vendor Advisory
support@hackerone.com https://gitlab.com/gitlab-org/gitlab-ce/issues/25064 Exploit, Vendor Advisory
support@hackerone.com https://hackerone.com/reports/186194 Exploit, Technical Description, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108 https://about.gitlab.com/2016/12/05/cve-2016-9469/ Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 https://gitlab.com/gitlab-org/gitlab-ce/commit/29ceb98b5162677601702704e89d845580372078 Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 https://gitlab.com/gitlab-org/gitlab-ce/commit/55196497301eea429913f9c4b1b37c42c2e358ce Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 https://gitlab.com/gitlab-org/gitlab-ce/commit/f325e4e734e5e486f3b02db176eb629124052b43 Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 https://gitlab.com/gitlab-org/gitlab-ce/issues/25064 Exploit, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108 https://hackerone.com/reports/186194 Exploit, Technical Description, Third Party Advisory
Impacted products
Vendor Product Version
n/a GitLab Community Edition & GitLab Enterprise Edition 8.13.0, 8.13.0-ee, 8.13.1, 8.13.1-ee, 8.13.2, 8.13.2-ee, 8.13.3, 8.13.3-ee, 8.13.4, 8.13.4-ee, 8.13.5, 8.13.5-ee, 8.13.6, 8.13.6-ee, 8.13.7, 8.14.0, 8.14.0-ee, 8.14.1 Version: GitLab Community Edition & GitLab Enterprise Edition 8.13.0, 8.13.0-ee, 8.13.1, 8.13.1-ee, 8.13.2, 8.13.2-ee, 8.13.3, 8.13.3-ee, 8.13.4, 8.13.4-ee, 8.13.5, 8.13.5-ee, 8.13.6, 8.13.6-ee, 8.13.7, 8.14.0, 8.14.0-ee, 8.14.1
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T02:50:38.683Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://gitlab.com/gitlab-org/gitlab-ce/commit/f325e4e734e5e486f3b02db176eb629124052b43"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://gitlab.com/gitlab-org/gitlab-ce/commit/55196497301eea429913f9c4b1b37c42c2e358ce"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://about.gitlab.com/2016/12/05/cve-2016-9469/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://hackerone.com/reports/186194"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/25064"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://gitlab.com/gitlab-org/gitlab-ce/commit/29ceb98b5162677601702704e89d845580372078"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "GitLab Community Edition \u0026 GitLab Enterprise Edition 8.13.0, 8.13.0-ee, 8.13.1, 8.13.1-ee, 8.13.2, 8.13.2-ee, 8.13.3, 8.13.3-ee, 8.13.4, 8.13.4-ee, 8.13.5, 8.13.5-ee, 8.13.6, 8.13.6-ee, 8.13.7, 8.14.0, 8.14.0-ee, 8.14.1",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "GitLab Community Edition \u0026 GitLab Enterprise Edition 8.13.0, 8.13.0-ee, 8.13.1, 8.13.1-ee, 8.13.2, 8.13.2-ee, 8.13.3, 8.13.3-ee, 8.13.4, 8.13.4-ee, 8.13.5, 8.13.5-ee, 8.13.6, 8.13.6-ee, 8.13.7, 8.14.0, 8.14.0-ee, 8.14.1"
            }
          ]
        }
      ],
      "datePublic": "2017-03-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple versions of GitLab expose a dangerous method to any authenticated user that could lead to the deletion of all Issue and MergeRequest objects on a GitLab instance. For GitLab instances with publicly available projects this vulnerability could be exploited by an unauthenticated user. A fix was included in versions 8.14.3, 8.13.8, and 8.12.11, which were released on December 5th 2016 at 3:59 PST. The GitLab versions vulnerable to this are 8.13.0, 8.13.0-ee, 8.13.1, 8.13.1-ee, 8.13.2, 8.13.2-ee, 8.13.3, 8.13.3-ee, 8.13.4, 8.13.4-ee, 8.13.5, 8.13.5-ee, 8.13.6, 8.13.6-ee, 8.13.7, 8.14.0, 8.14.0-ee, 8.14.1, 8.14.2, and 8.14.2-ee."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-749",
              "description": "Exposed Dangerous Method or Function (CWE-749)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-03-28T02:57:01",
        "orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
        "shortName": "hackerone"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://gitlab.com/gitlab-org/gitlab-ce/commit/f325e4e734e5e486f3b02db176eb629124052b43"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://gitlab.com/gitlab-org/gitlab-ce/commit/55196497301eea429913f9c4b1b37c42c2e358ce"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://about.gitlab.com/2016/12/05/cve-2016-9469/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://hackerone.com/reports/186194"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/25064"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://gitlab.com/gitlab-org/gitlab-ce/commit/29ceb98b5162677601702704e89d845580372078"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "support@hackerone.com",
          "ID": "CVE-2016-9469",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "GitLab Community Edition \u0026 GitLab Enterprise Edition 8.13.0, 8.13.0-ee, 8.13.1, 8.13.1-ee, 8.13.2, 8.13.2-ee, 8.13.3, 8.13.3-ee, 8.13.4, 8.13.4-ee, 8.13.5, 8.13.5-ee, 8.13.6, 8.13.6-ee, 8.13.7, 8.14.0, 8.14.0-ee, 8.14.1",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "GitLab Community Edition \u0026 GitLab Enterprise Edition 8.13.0, 8.13.0-ee, 8.13.1, 8.13.1-ee, 8.13.2, 8.13.2-ee, 8.13.3, 8.13.3-ee, 8.13.4, 8.13.4-ee, 8.13.5, 8.13.5-ee, 8.13.6, 8.13.6-ee, 8.13.7, 8.14.0, 8.14.0-ee, 8.14.1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple versions of GitLab expose a dangerous method to any authenticated user that could lead to the deletion of all Issue and MergeRequest objects on a GitLab instance. For GitLab instances with publicly available projects this vulnerability could be exploited by an unauthenticated user. A fix was included in versions 8.14.3, 8.13.8, and 8.12.11, which were released on December 5th 2016 at 3:59 PST. The GitLab versions vulnerable to this are 8.13.0, 8.13.0-ee, 8.13.1, 8.13.1-ee, 8.13.2, 8.13.2-ee, 8.13.3, 8.13.3-ee, 8.13.4, 8.13.4-ee, 8.13.5, 8.13.5-ee, 8.13.6, 8.13.6-ee, 8.13.7, 8.14.0, 8.14.0-ee, 8.14.1, 8.14.2, and 8.14.2-ee."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Exposed Dangerous Method or Function (CWE-749)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://gitlab.com/gitlab-org/gitlab-ce/commit/f325e4e734e5e486f3b02db176eb629124052b43",
              "refsource": "MISC",
              "url": "https://gitlab.com/gitlab-org/gitlab-ce/commit/f325e4e734e5e486f3b02db176eb629124052b43"
            },
            {
              "name": "https://gitlab.com/gitlab-org/gitlab-ce/commit/55196497301eea429913f9c4b1b37c42c2e358ce",
              "refsource": "MISC",
              "url": "https://gitlab.com/gitlab-org/gitlab-ce/commit/55196497301eea429913f9c4b1b37c42c2e358ce"
            },
            {
              "name": "https://about.gitlab.com/2016/12/05/cve-2016-9469/",
              "refsource": "MISC",
              "url": "https://about.gitlab.com/2016/12/05/cve-2016-9469/"
            },
            {
              "name": "https://hackerone.com/reports/186194",
              "refsource": "MISC",
              "url": "https://hackerone.com/reports/186194"
            },
            {
              "name": "https://gitlab.com/gitlab-org/gitlab-ce/issues/25064",
              "refsource": "MISC",
              "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/25064"
            },
            {
              "name": "https://gitlab.com/gitlab-org/gitlab-ce/commit/29ceb98b5162677601702704e89d845580372078",
              "refsource": "MISC",
              "url": "https://gitlab.com/gitlab-org/gitlab-ce/commit/29ceb98b5162677601702704e89d845580372078"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
    "assignerShortName": "hackerone",
    "cveId": "CVE-2016-9469",
    "datePublished": "2017-03-28T02:46:00",
    "dateReserved": "2016-11-19T00:00:00",
    "dateUpdated": "2024-08-06T02:50:38.683Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-9469\",\"sourceIdentifier\":\"support@hackerone.com\",\"published\":\"2017-03-28T02:59:01.247\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple versions of GitLab expose a dangerous method to any authenticated user that could lead to the deletion of all Issue and MergeRequest objects on a GitLab instance. For GitLab instances with publicly available projects this vulnerability could be exploited by an unauthenticated user. A fix was included in versions 8.14.3, 8.13.8, and 8.12.11, which were released on December 5th 2016 at 3:59 PST. The GitLab versions vulnerable to this are 8.13.0, 8.13.0-ee, 8.13.1, 8.13.1-ee, 8.13.2, 8.13.2-ee, 8.13.3, 8.13.3-ee, 8.13.4, 8.13.4-ee, 8.13.5, 8.13.5-ee, 8.13.6, 8.13.6-ee, 8.13.7, 8.14.0, 8.14.0-ee, 8.14.1, 8.14.2, and 8.14.2-ee.\"},{\"lang\":\"es\",\"value\":\"Multiples versiones de GitLab exponen un m\u00e9todo peligroso a cualquier usuario autenticado que podr\u00eda llevar a la eliminaci\u00f3n de todos los problemas y objetos MergeRequest en una instancia de GitLab. Para las instancias de GitLab con proyectos disponibles p\u00fablicamente, esta vulnerabilidad podr\u00eda ser explotada por un usuario no autenticado. Se incluy\u00f3 una revisi\u00f3n en las versiones 8.14.3, 8.13.8 y 8.12.11, que se publicaron el 5 de diciembre de 2016 a las 3:59 PST. Las versiones de GitLab vulnerables a esto son 8.13.0, 8.13.0-ee, 8.13.1, 8.13.1-ee, 8.13.2, 8.13.2-ee, 8.13.3, 8.13.3-ee, 8.13.4 , 8.13.4-ee, 8.13.5, 8.13.5-ee, 8.13.6, 8.13.6-ee, 8.13.7, 8.14.0, 8.14.0-ee, 8.14.1, 8.14.2 y 8.14.2-ee.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L\",\"baseScore\":8.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":4.2}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":true,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"support@hackerone.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-749\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:8.13.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C40FEF39-FBD8-49D3-ACB5-DA4CE6275997\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:8.13.0:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"BF27DE16-6B02-4B8C-8171-644F96B91EC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:8.13.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8295BEE-F094-456B-9E7E-F1F5F0BFE3C1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:8.13.1:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"309BE602-C30A-453B-B53E-87559A4A65C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:8.13.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AFD032AA-5160-4446-8256-BF3993C0C6D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:8.13.2:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"0D1AEB22-B278-40B8-959B-59DF4CCE1756\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:8.13.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71F7D77B-E9F9-429C-9000-E4EB8D6C6E05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:8.13.3:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"6E6C2412-07E9-494C-8374-D23244896593\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:8.13.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE4D9EBA-9E51-42F3-82EA-B40402B2EBE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:8.13.4:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"8754F4EA-AA92-4308-BCE1-F6214A502368\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:8.13.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8EA5D200-683D-46E0-9216-C90C5E5988CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:8.13.5:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"46015599-12C0-4DFA-BBF9-2252446C899A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:8.13.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C63754F-06CE-45CA-A127-9D1F357F76F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:8.13.6:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"38D6EBF6-43D0-4D5E-A21D-29D775593236\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:8.13.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0415B7C5-992B-43A0-BD4D-910DF77A985F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:8.13.7:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"E36DA897-3A68-454F-90B8-B83E6D28AC73\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:8.14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6B3C6A7-EB60-41DA-AB67-CB5CF93B0A04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:8.14.0:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"234CD36B-CEAC-4C89-A515-22D088589024\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:8.14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79E47F6A-A7E1-4876-8C05-329959522C97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:8.14.1:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"A044ACCF-7534-4A81-9F66-7235CA4B74C9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:8.14.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1CF6FC6C-2489-4798-8143-985C2101CDC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gitlab:gitlab:8.14.2:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"6265E089-155E-474C-B020-85C75EE500E0\"}]}]}],\"references\":[{\"url\":\"https://about.gitlab.com/2016/12/05/cve-2016-9469/\",\"source\":\"support@hackerone.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://gitlab.com/gitlab-org/gitlab-ce/commit/29ceb98b5162677601702704e89d845580372078\",\"source\":\"support@hackerone.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://gitlab.com/gitlab-org/gitlab-ce/commit/55196497301eea429913f9c4b1b37c42c2e358ce\",\"source\":\"support@hackerone.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://gitlab.com/gitlab-org/gitlab-ce/commit/f325e4e734e5e486f3b02db176eb629124052b43\",\"source\":\"support@hackerone.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://gitlab.com/gitlab-org/gitlab-ce/issues/25064\",\"source\":\"support@hackerone.com\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://hackerone.com/reports/186194\",\"source\":\"support@hackerone.com\",\"tags\":[\"Exploit\",\"Technical Description\",\"Third Party Advisory\"]},{\"url\":\"https://about.gitlab.com/2016/12/05/cve-2016-9469/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://gitlab.com/gitlab-org/gitlab-ce/commit/29ceb98b5162677601702704e89d845580372078\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://gitlab.com/gitlab-org/gitlab-ce/commit/55196497301eea429913f9c4b1b37c42c2e358ce\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://gitlab.com/gitlab-org/gitlab-ce/commit/f325e4e734e5e486f3b02db176eb629124052b43\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://gitlab.com/gitlab-org/gitlab-ce/issues/25064\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]},{\"url\":\"https://hackerone.com/reports/186194\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Technical Description\",\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.