Lucene search

Ubuntu.comUB:CVE-2018-17975

HistoryDec 04, 2018 - 12:00 a.m.

CVE-2018-17975

2018-12-0400:00:00

ubuntu.com

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

0.001 Low

EPSS

Percentile

46.4%

JSON

An issue was discovered in GitLab Community Edition 11.x before 11.1.8,
11.2.x before 11.2.5, and 11.3.x before 11.3.2. There is Information
Exposure via the GFM markdown API.

Notes

Author	Note
msalvatore	Affects GitLab CE 11.0 - 11.3.

References

about.gitlab.com/2018/10/05/critical-security-release-11-3-4/

gitlab.com/gitlab-org/gitlab-ce/issues/50744

launchpad.net/bugs/cve/CVE-2018-17975

nvd.nist.gov/vuln/detail/CVE-2018-17975

security-tracker.debian.org/tracker/CVE-2018-17975

www.cve.org/CVERecord?id=CVE-2018-17975

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

0.001 Low

EPSS

Percentile

46.4%

JSON

Related for UB:CVE-2018-17975