CVE-2017-0925

CVE-2017-0925

Vendor Gitlab
Product GitLab Community and Enterprise Editions
Weakness CWE-522 · Insufficiently protected credentials
Published March 21, 2018
Last update August 5, 2024

CVSS base score

What the vulnerability does

01Description

Gitlab Enterprise Edition version 10.1.0 is vulnerable to an insufficiently protected credential issue in the project service integration API endpoint resulting in an information disclosure of plaintext password.

Key dates

02Disclosure timeline

March 21, 2018 CVE published
August 5, 2024 Record updated