---

CVE-2018-18641 - log back

CVE-2018-18641 created at 25 Sep 2019 19:31:40
Severity	+ Low
Remote	+ Remote
Type	+ Information disclosure
Description	+ A security issue has been found in gitlab versions prior to 11.4.3, where personal access tokens were being stored unencrypted as plain text in the database which could result in attackers potentially reading them via SQL injection or other database leaks.
References	+ https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/ + https://gitlab.com/gitlab-org/gitlab-ce/commit/daed01a5ca348e7d267b50e325bf58185617a0ad
Notes