CVE-2018-19585

🗓️ 17 May 2019 15:09:53Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 99 Views

GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1 have CRLF Injection in Project Mirroring when using the Git protocol

Reporter	Title	Published	Views	Family All 14
FreeBSD	Gitlab -- Multiple vulnerabilities	28 Nov 201800:00	–	freebsd
Circl	CVE-2018-19585	17 Jan 202303:16	–	circl
CNVD	GitLab CE/EE CRLF Injection Vulnerability	20 May 201900:00	–	cnvd
Cvelist	CVE-2018-19585	17 May 201915:09	–	cvelist
GithubExploit	Exploit for Server-Side Request Forgery in Gitlab	11 Apr 202111:23	–	githubexploit
Debian CVE	CVE-2018-19585	17 May 201915:09	–	debiancve
Exploit DB	GitLab 11.4.7 - Remote Code Execution (Authenticated)	16 Dec 202000:00	–	exploitdb
Exploit DB	GitLab 11.4.7 - RCE (Authenticated) (2)	24 Dec 202000:00	–	exploitdb
Tenable Nessus	FreeBSD : Gitlab -- Multiple vulnerabilities (8a4aba2d-f33e-11e8-9416-001b217b3468)	29 Nov 201800:00	–	nessus
NVD	CVE-2018-19585	17 May 201916:29	–	nvd

NVD

Node

gitlab gitlabRange8.18.0–11.3.11community

gitlab gitlabRange8.18.0–11.3.11enterprise

gitlab gitlabRange11.4.0–11.4.8community

gitlab gitlabRange11.4.0–11.4.8enterprise

gitlab gitlabRange11.5.0–11.5.1community

gitlab gitlabRange11.5.0–11.5.1enterprise

Source	Link
about	www.about.gitlab.com/blog/categories/releases/
about	www.about.gitlab.com/2018/11/28/security-release-gitlab-11-dot-5-dot-1-released/
packetstormsecurity	www.packetstormsecurity.com/files/160516/GitLab-11.4.7-Remote-Code-Execution.html
packetstormsecurity	www.packetstormsecurity.com/files/160699/GitLab-11.4.7-Remote-Code-Execution.html

21 Nov 2024 03:58Current

7.3High risk

Vulners AI Score7.3

CVSS 25

CVSS 37.5

EPSS0.04557

CWE-93

cve-2018-19585 gitlab ce ee crlf injection project mirroring git protocol security vulnerability nvd