CVE-2017-0927

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2017-0927
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-0927.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-0927
Published
2018-03-21T20:29:00.857Z
Modified
2026-04-10T03:54:33.270820Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVSS Calculator
Summary
[none]
Details

Gitlab Community Edition version 10.3 is vulnerable to an improper authorization issue in the deployment keys component resulting in unauthorized use of deployment keys by guest users.

References

Affected packages

Git / gitlab.com/gitlab-org/gitlab

Affected ranges

Type
GIT
Repo
https://gitlab.com/gitlab-org/gitlab
Events
Introduced
47550d092f0a6cbedc58752d1a220fe519b8ea01
Last affected
9c32fedb6d29601a9cb698a25f8b917724b484b3
Introduced
47550d092f0a6cbedc58752d1a220fe519b8ea01
Last affected
9c32fedb6d29601a9cb698a25f8b917724b484b3
Introduced
235b8d50ad14e7cdf4bc61c3df070f38dee97974
Last affected
5a1abb98b40ef0047d634b6ff09c3379da46cff9
Introduced
235b8d50ad14e7cdf4bc61c3df070f38dee97974
Last affected
5a1abb98b40ef0047d634b6ff09c3379da46cff9
Introduced
d90716aff22310b27734df86d287d2cb4084fdbb
Last affected
3ec4b67ffebfd15dd22fca7b35b0405454422df7
Introduced
d90716aff22310b27734df86d287d2cb4084fdbb
Last affected
3ec4b67ffebfd15dd22fca7b35b0405454422df7
Introduced
6369db0196ec7b6e288b16382c95243424a59b62
Last affected
3f64be9aeeb1a8c7c88b50bdf0212118dc265ce6
Introduced
6369db0196ec7b6e288b16382c95243424a59b62
Last affected
3f64be9aeeb1a8c7c88b50bdf0212118dc265ce6
Database specific 
{
    "versions": [
        {
            "introduced": "8.16.0"
        },
        {
            "last_affected": "9.5.10"
        },
        {
            "introduced": "8.16.0"
        },
        {
            "last_affected": "9.5.10"
        },
        {
            "introduced": "10.0.0"
        },
        {
            "last_affected": "10.1.5"
        },
        {
            "introduced": "10.0.0"
        },
        {
            "last_affected": "10.1.5"
        },
        {
            "introduced": "10.2.0"
        },
        {
            "last_affected": "10.2.5"
        },
        {
            "introduced": "10.2.0"
        },
        {
            "last_affected": "10.2.5"
        },
        {
            "introduced": "10.3.0"
        },
        {
            "last_affected": "10.3.3"
        },
        {
            "introduced": "10.3.0"
        },
        {
            "last_affected": "10.3.3"
        }
    ]
}

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-0927.json"