CVE-2013-4580
GitLab <5.4.2, <6.2.4, <6.2.1 - Auth Bypass
Title source: llmDescription
GitLab before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1, when using a MySQL backend, allows remote attackers to impersonate arbitrary users and bypass authentication via unspecified API calls.
Scores
EPSS
0.0007
EPSS Percentile
20.8%
Classification
CWE
CWE-287
Status
draft
Affected Products (50)
gitlab/gitlab
< 5.4.1
gitlab/gitlab
gitlab/gitlab
gitlab/gitlab
gitlab/gitlab
gitlab/gitlab
gitlab/gitlab
gitlab/gitlab
gitlab/gitlab
gitlab/gitlab
gitlab/gitlab
gitlab/gitlab
gitlab/gitlab
gitlab/gitlab
gitlab/gitlab
... and 35 more
Timeline
Published
May 12, 2014
Tracked Since
Feb 18, 2026