| CVE-2018-18843 |
High |
Yes |
Cross-site request forgery |
The GitLab Kubernetes integration was vulnerable to a SSRF issue which could allow an attacker to make requests to access any internal URLs |
| CVE-2018-18647 |
Medium |
Yes |
Access restriction bypass |
A security issue has been found in gitlab versions prior to 11.4.3, where the protected_branches API was vulnerable to an issue which allowed an... |
| CVE-2018-18644 |
Medium |
Yes |
Information disclosure |
A security issue has been found in gitlab versions prior to 11.4.3, where the Prometheus integration was vulnerable to an indirect object reference issue... |
| CVE-2018-18642 |
Medium |
Yes |
Cross-site scripting |
A security issue has been found in gitlab versions prior to 11.4.3, where the license management and security reports pages contained a lack of input... |