---

CVE-2018-18640 - log back

CVE-2018-18640 created at 25 Sep 2019 19:31:40
Severity	+ Medium
Remote	+ Local
Type	+ Information disclosure
Description	+ A security issue has been found in gitlab versions prior to 11.4.3, where private project pages had inadequate cache control, which resulted in unauthorized users being able to view them in the browser.
References	+ https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/ + https://gitlab.com/gitlab-org/gitlab-ce/commit/5e125b0f84ad768d7ff19905d03820f561c21f98
Notes