CVE-2018-18646 log

Severity Medium
Remote Yes
Type Cross-site request forgery
A security issue has been found in gitlab versions prior to 11.4.3, where the Hipchat integration was vulnerable to a SSRF issue which allowed an attacker to make requests to any local network resource accessible from the GitLab server.
Group Package Affected Fixed Severity Status Ticket
AVG-794 gitlab 11.4.0-1 11.4.3-1 Critical Fixed
Date Advisory Group Package Severity Type
31 Oct 2018 ASA-201810-16 AVG-794 gitlab Critical multiple issues