Log

CVE-2018-18557 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Arbitrary code execution
Description
+ LibTIFF before 4.0.10 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size, which leads to a tif_jbig.c JBIGDecode out-of-bounds write.
References
+ https://bugs.chromium.org/p/project-zero/issues/detail?id=1697
+ https://gitlab.com/libtiff/libtiff/merge_requests/38
+ https://gitlab.com/libtiff/libtiff/commit/681748ec2f5ce88da5f9fa6831e1653e46af8a66
Notes
CVE-2018-18640 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Local
Type
+ Information disclosure
Description
+ A security issue has been found in gitlab versions prior to 11.4.3, where private project pages had inadequate cache control, which resulted in unauthorized users being able to view them in the browser.
References
+ https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
+ https://gitlab.com/gitlab-org/gitlab-ce/commit/5e125b0f84ad768d7ff19905d03820f561c21f98
Notes
CVE-2018-18641 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Remote
Type
+ Information disclosure
Description
+ A security issue has been found in gitlab versions prior to 11.4.3, where personal access tokens were being stored unencrypted as plain text in the database which could result in attackers potentially reading them via SQL injection or other database leaks.
References
+ https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
+ https://gitlab.com/gitlab-org/gitlab-ce/commit/daed01a5ca348e7d267b50e325bf58185617a0ad
Notes
CVE-2018-18642 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Cross-site scripting
Description
+ A security issue has been found in gitlab versions prior to 11.4.3, where the license management and security reports pages contained a lack of input validation and output encoding which resulted in a persistent XSS.
References
+ https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
Notes
+ Only affects Enterprise Edition, not for us.
CVE-2018-18643 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Cross-site scripting
Description
+ A security issue has been found in gitlab versions prior to 11.4.3, where the fragment identifier (hash) of several pages contained a lack of input validation and output encoding issue which resulted in a persistent XSS.
References
+ https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
+ https://gitlab.com/gitlab-org/gitlab-ce/commit/5342df04045e1c8a98fdb9fe8203a816bf240ac8
Notes
CVE-2018-18644 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Information disclosure
Description
+ A security issue has been found in gitlab versions prior to 11.4.3, where the Prometheus integration was vulnerable to an indirect object reference issue which allowed an unauthorized user to see private information. This information includes the project name, environment name, metric name, and metric query. Additionally, an unauthorized user could create false alarms.
References
+ https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
Notes
+ Only affects Enterprise Edition, not for us.
CVE-2018-18645 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Remote
Type
+ Information disclosure
Description
+ A security issue has been found in gitlab versions prior to 11.4.3, where when replying to an issue through email, with the GitLab email footer included, a user's unsubscribe link would be included in the issue. This information is considered sensitive.
References
+ https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
+ https://gitlab.com/gitlab-org/gitlab-ce/commit/82c12bd8bf9e0ea9e8df3bbcad91c27fccc709e8
Notes
CVE-2018-18646 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Cross-site request forgery
Description
+ A security issue has been found in gitlab versions prior to 11.4.3, where the Hipchat integration was vulnerable to a SSRF issue which allowed an attacker to make requests to any local network resource accessible from the GitLab server.
References
+ https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
+ https://gitlab.com/gitlab-org/gitlab-ce/commit/f17e36feab266a62b316bfe88d7d558c2debaf9b
Notes
CVE-2018-18647 created at 25 Sep 2019 19:31:40
Severity
+ Medium
Remote
+ Remote
Type
+ Access restriction bypass
Description
+ A security issue has been found in gitlab versions prior to 11.4.3, where the protected_branches API was vulnerable to an issue which allowed an unauthorized user to remove the merge_access_levels and push_access_levels objects. This could result in the inability of project participants to push or merge into the branch.
References
+ https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
Notes
+ Only affects Enterprise Edition, not for us.
CVE-2018-18648 created at 25 Sep 2019 19:31:40
Severity
+ Low
Remote
+ Remote
Type
+ Information disclosure
Description
+ A security issue has been found in gitlab versions prior to 11.4.3, where a JSON endpoint was disclosing Gem version information which could result in an attacker discovering vulnerable Gems available on a specific GitLab instance.
References
+ https://about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/
+ https://gitlab.com/gitlab-org/gitlab-ce/commit/b9b68fe7d30778338625fb606457eb1886a17f08
Notes