CyberSec.Space Logo
Back to CVE Browser

CVE-2018-18843

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0100%
EPSS Percentile4.90th
PublishedDec 4, 2018
Last ModifiedNov 21, 2024

Vulnerability Description

The Kubernetes integration in GitLab Enterprise Edition 11.x before 11.2.8, 11.3.x before 11.3.9, and 11.4.x before 11.4.4 has SSRF.

Affected Platforms (CPE)

πŸ“¦
Gitlab

Gitlab

>= 11.0.0 and < 11.2.8
πŸ“¦
Gitlab

Gitlab

>= 11.3.0 and < 11.3.9
πŸ“¦
Gitlab

Gitlab

>= 11.4.0 and < 11.4.4

References & Advisories

πŸ”— https://about.gitlab.com/2018/11/01/critical-security-release-gitlab-11-dot-4-dot-4-released/
πŸ”— https://gitlab.com/gitlab-org/gitlab-ce/issues/53158
πŸ”— https://about.gitlab.com/2018/11/01/critical-security-release-gitlab-11-dot-4-dot-4-released/
πŸ”— https://gitlab.com/gitlab-org/gitlab-ce/issues/53158

Related Vulnerabilities

CVE-2020-541510.0

Concourse, versions prior to 6.3.1 and 6.4.1, in installations which use the GitLab auth connector, is vulnerable to identity spoo...

CVE-2021-2220510.0

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image f...

CVE-2019-917410.0

An issue was discovered in GitLab Community and Enterprise Edition before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1....

CVE-2021-221929.9

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2 allowing unauthorized authenticated users t...