CVE-2017-0914

CVE-2017-0914

Vendor Gitlab
Product GitLab Community and Enterprise Editions
Weakness CWE-89 · SQLi
Published March 21, 2018
Last update August 5, 2024

CVSS base score

What the vulnerability does

01Description

Gitlab Community and Enterprise Editions version 10.1, 10.2, and 10.2.4 are vulnerable to a SQL injection in the MilestoneFinder component resulting in disclosure of all data in a GitLab instance's database.

Key dates

02Disclosure timeline

March 21, 2018 CVE published
August 5, 2024 Record updated