What is the severity of CVE-2013-4581?

CVE-2013-4581 is classified as a critical vulnerability due to its potential for remote code execution.

How do I fix CVE-2013-4581?

To fix CVE-2013-4581, upgrade GitLab to version 5.4.2 or later for Community Editions and 6.2.1 or later for Enterprise Editions.

What versions of GitLab are affected by CVE-2013-4581?

CVE-2013-4581 affects GitLab versions prior to 5.4.2 for Community Edition and prior to 6.2.1 for Enterprise Edition.

Can CVE-2013-4581 be exploited without authentication?

Yes, CVE-2013-4581 can be exploited by remote attackers, making it a serious security risk.

What component is primarily affected by CVE-2013-4581?

CVE-2013-4581 primarily affects the GitLab application through its SSH functionality.

Vulnerability/
CVE-2013-4581

medium

6.8

CWE

12/5/2014

6/8/2024

CVE-2013-4581: Code Injection

First published: Mon May 12 2014(Updated: )

GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote attackers to execute arbitrary code via a crafted change using SSH.

Credit: secalert@redhat.com

Affected Software	Affected Version	How to fix
GitLab	<=6.2.3
GitLab	=0.8.0
GitLab	=0.9.1
GitLab	=0.9.4
GitLab	=0.9.6
GitLab	=1.0.0
GitLab	=1.0.1
GitLab	=1.0.2
GitLab	=1.1.0
GitLab	=1.2.0
GitLab	=1.2.1
GitLab	=1.2.2
GitLab	=2.0.0
GitLab	=2.1.0
GitLab	=2.2.0
GitLab	=2.3.0
GitLab	=2.3.1
GitLab	=2.4.0
GitLab	=2.5.0
GitLab	=2.6.0
GitLab	=2.7.0
GitLab	=2.8.0
GitLab	=2.8.1
GitLab	=2.9.0
GitLab	=2.9.1
GitLab	=3.0.0
GitLab	=3.0.1
GitLab	=3.0.2
GitLab	=3.0.3
GitLab	=3.1.0
GitLab	=4.0.0
GitLab	=4.1.0
GitLab	=4.2.0
GitLab	=5.0.0
GitLab	=5.0.1
GitLab	=5.1.0
GitLab	=5.2.0
GitLab	=5.3.0
GitLab	=5.4.0
GitLab	=5.4.1
GitLab	=5.4.2
GitLab	=6.0.0
GitLab	=6.1.0
GitLab	=6.2.0
GitLab	=6.2.1
GitLab	=6.2.2
GitLab	<=6.2.0
GitLab	=0.8.0
GitLab	=0.9.1
GitLab	=0.9.4
GitLab	=0.9.6
GitLab	=1.0.0
GitLab	=1.0.1
GitLab	=1.0.2
GitLab	=1.1.0
GitLab	=1.2.0
GitLab	=1.2.1
GitLab	=1.2.2
GitLab	=2.0.0
GitLab	=2.1.0
GitLab	=2.2.0
GitLab	=2.3.0
GitLab	=2.3.1
GitLab	=2.4.0
GitLab	=2.5.0
GitLab	=2.6.0
GitLab	=2.7.0
GitLab	=2.8.0
GitLab	=2.8.1
GitLab	=2.9.0
GitLab	=2.9.1
GitLab	=3.0.0
GitLab	=3.0.1
GitLab	=3.0.2
GitLab	=3.0.3
GitLab	=3.1.0
GitLab	=4.0.0
GitLab	=4.1.0
GitLab	=4.2.0
GitLab	=5.0.0
GitLab	=5.0.1
GitLab	=5.1.0
GitLab	=5.2.0
GitLab	=5.3.0
GitLab	=5.4.0
GitLab	=5.4.1
GitLab	=5.4.2
GitLab	=6.0.0
GitLab	=6.1.0
Gitlab Gitlab-shell	<=1.7.7
Gitlab Gitlab-shell	=1.0.4
Gitlab Gitlab-shell	=1.1.0
Gitlab Gitlab-shell	=1.2.0
Gitlab Gitlab-shell	=1.3.0
Gitlab Gitlab-shell	=1.4.0
Gitlab Gitlab-shell	=1.5.0
Gitlab Gitlab-shell	=1.6.0
Gitlab Gitlab-shell	=1.7.0
Gitlab Gitlab-shell	=1.7.1
Gitlab Gitlab-shell	=1.7.2
Gitlab Gitlab-shell	=1.7.3
Gitlab Gitlab-shell	=1.7.4
Gitlab Gitlab-shell	=1.7.5
Gitlab Gitlab-shell	=1.7.6
GitLab	=5.0.0
GitLab	=5.0.1
GitLab	=5.1.0
GitLab	=5.2.0
GitLab	=5.3.0
GitLab	=5.4.0
GitLab	=5.4.1

Remedy

https://www.gitlab.com/2013/11/14/multiple-critical-vulnerabilities-in-gitlab/

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-4581?
CVE-2013-4581 is classified as a critical vulnerability due to its potential for remote code execution.
How do I fix CVE-2013-4581?
To fix CVE-2013-4581, upgrade GitLab to version 5.4.2 or later for Community Editions and 6.2.1 or later for Enterprise Editions.
What versions of GitLab are affected by CVE-2013-4581?
CVE-2013-4581 affects GitLab versions prior to 5.4.2 for Community Edition and prior to 6.2.1 for Enterprise Edition.
Can CVE-2013-4581 be exploited without authentication?
Yes, CVE-2013-4581 can be exploited by remote attackers, making it a serious security risk.
What component is primarily affected by CVE-2013-4581?
CVE-2013-4581 primarily affects the GitLab application through its SSH functionality.

agent/references
agent/type
agent/remedy
agent/severity
agent/weakness
agent/author
agent/softwarecombine
agent/description
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/gitlab
canonical/gitlab
version/gitlab/6.2.3
version/gitlab/0.8.0
version/gitlab/0.9.1
version/gitlab/0.9.4
version/gitlab/0.9.6
version/gitlab/1.0.0
version/gitlab/1.0.1
version/gitlab/1.0.2
version/gitlab/1.1.0
version/gitlab/1.2.0
version/gitlab/1.2.1
version/gitlab/1.2.2
version/gitlab/2.0.0
version/gitlab/2.1.0
version/gitlab/2.2.0
version/gitlab/2.3.0
version/gitlab/2.3.1
version/gitlab/2.4.0
version/gitlab/2.5.0
version/gitlab/2.6.0
version/gitlab/2.7.0
version/gitlab/2.8.0
version/gitlab/2.8.1
version/gitlab/2.9.0
version/gitlab/2.9.1
version/gitlab/3.0.0
version/gitlab/3.0.1
version/gitlab/3.0.2
version/gitlab/3.0.3
version/gitlab/3.1.0
version/gitlab/4.0.0
version/gitlab/4.1.0
version/gitlab/4.2.0
version/gitlab/5.0.0
version/gitlab/5.0.1
version/gitlab/5.1.0
version/gitlab/5.2.0
version/gitlab/5.3.0
version/gitlab/5.4.0
version/gitlab/5.4.1
version/gitlab/5.4.2
version/gitlab/6.0.0
version/gitlab/6.1.0
version/gitlab/6.2.0
version/gitlab/6.2.1
version/gitlab/6.2.2
canonical/gitlab gitlab-shell
version/gitlab gitlab-shell/1.7.7
version/gitlab gitlab-shell/1.0.4
version/gitlab gitlab-shell/1.1.0
version/gitlab gitlab-shell/1.2.0
version/gitlab gitlab-shell/1.3.0
version/gitlab gitlab-shell/1.4.0
version/gitlab gitlab-shell/1.5.0
version/gitlab gitlab-shell/1.6.0
version/gitlab gitlab-shell/1.7.0
version/gitlab gitlab-shell/1.7.1
version/gitlab gitlab-shell/1.7.2
version/gitlab gitlab-shell/1.7.3
version/gitlab gitlab-shell/1.7.4
version/gitlab gitlab-shell/1.7.5
version/gitlab gitlab-shell/1.7.6

CVE-2013-4581: Code Injection

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-4581?

How do I fix CVE-2013-4581?

What versions of GitLab are affected by CVE-2013-4581?

Can CVE-2013-4581 be exploited without authentication?

What component is primarily affected by CVE-2013-4581?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2013-4581?

How do I fix CVE-2013-4581?

What versions of GitLab are affected by CVE-2013-4581?

Can CVE-2013-4581 be exploited without authentication?

What component is primarily affected by CVE-2013-4581?