CVE-2018-14603

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2018-14603

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-14603.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-14603

Downstream

UBUNTU-CVE-2018-14603

Related

CGA-p888-p7q8-c45v

Published

2018-07-27T02:29:00.327Z

Modified

2026-02-28T00:39:34.937064Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. CSRF can occur in the Test feature of the System Hooks component.

References

https://about.gitlab.com/2018/07/26/security-release-gitlab-11-dot-1-dot-2-released/

Affected packages

Git / gitlab.com/gitlab-org/gitlab

Affected ranges

Type: GIT
Repo: https://gitlab.com/gitlab-org/gitlab
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

075705a5f3bd9748d92cf48073bfe9e79b58f385

Introduced

7c11ed8c916a10f6d9c32635986008b48410531f

Fixed

f5babb0352010860e6ba0ee4bc73d4d78efb01c4

Introduced

c6f72ac9a88521257991aa9a0cc6d558126f5bb9

Fixed

d139d2241939f6a945ebc81b27d7f2cd00ba3aca

Affected versions

v11.*

v11.0.0

v11.0.0-ee

v11.0.0-rc1

v11.0.0-rc1-ee

v11.0.0-rc10

v11.0.0-rc10-ee

v11.0.0-rc11

v11.0.0-rc11-ee

v11.0.0-rc12

v11.0.0-rc12-ee

v11.0.0-rc13

v11.0.0-rc13-ee

v11.0.0-rc14

v11.0.0-rc14-ee

v11.0.0-rc2

v11.0.0-rc2-ee

v11.0.0-rc3

v11.0.0-rc3-ee

v11.0.0-rc4

v11.0.0-rc4-ee

v11.0.0-rc5

v11.0.0-rc5-ee

v11.0.0-rc6

v11.0.0-rc6-ee

v11.0.0-rc7

v11.0.0-rc7-ee

v11.0.0-rc8

v11.0.0-rc8-ee

v11.0.0-rc9

v11.0.0-rc9-ee

v11.0.0.pre

v11.0.1

v11.0.1-ee

v11.0.2

v11.0.2-ee

v11.0.3

v11.0.3-ee

v11.0.4

v11.0.4-ee

v11.1.0

v11.1.0-ee

v11.1.0-rc1

v11.1.0-rc1-ee

v11.1.0-rc10

v11.1.0-rc10-ee

v11.1.0-rc11

v11.1.0-rc11-ee

v11.1.0-rc12

v11.1.0-rc12-ee

v11.1.0-rc13

v11.1.0-rc13-ee

v11.1.0-rc14

v11.1.0-rc14-ee

v11.1.0-rc2

v11.1.0-rc2-ee

v11.1.0-rc3

v11.1.0-rc3-ee

v11.1.0-rc4

v11.1.0-rc4-ee

v11.1.0-rc5

v11.1.0-rc5-ee

v11.1.0-rc6

v11.1.0-rc6-ee

v11.1.0-rc7

v11.1.0-rc7-ee

v11.1.0-rc8

v11.1.0-rc8-ee

v11.1.0-rc9

v11.1.0-rc9-ee

v11.1.0.pre

v11.1.1

v11.1.1-ee

v6.*

v6.0.0-ee

v6.0.0-ee.beta

v6.0.0-ee.rc1

v6.1.0-ee

v6.2.1

v6.2.2

v6.3.0-ee

v6.3.1-ee

v6.4.0-ee

v6.4.1

v6.4.2

v6.4.3

v6.5.0-ee

v6.5.1

v6.6.0-ee

v6.6.1

v6.6.2

v6.7.0-ee

v6.7.0.rc1-ee

v6.7.1

v6.7.2

v6.8.0-ee

v6.8.1

v7.*

v7.0.0-ee

v7.1.0-ee

v7.1.0.rc1-ee

v7.2.0.rc1-ee

v7.2.0.rc2-ee

v7.2.0.rc3-ee

v7.2.0.rc4-ee

v7.2.0.rc5-ee

v7.3.0-ee

v7.3.0.rc1-ee

v7.4.0-ee

v7.4.1-ee

v7.4.2-ee

v7.4.3-ee

v7.4.4-ee

v8.*

v8.11.0

v8.11.0-ee

v8.11.0-rc1

v8.11.0-rc1-ee

v8.11.0-rc2

v8.11.0-rc2-ee

v8.11.0-rc3

v8.11.0-rc3-ee

v8.11.0-rc4

v8.11.0-rc4-ee

v8.11.0-rc5

v8.11.0-rc5-ee

v8.11.0-rc6

v8.11.0-rc6-ee

v8.11.0-rc7

v8.11.0-rc7-ee

v8.11.1

v8.12.0

v8.12.0-ee

v8.12.0-rc1

v8.12.0-rc1-ee

v8.12.0-rc2

v8.12.0-rc2-ee

v8.12.0-rc3

v8.12.0-rc3-ee

v8.12.0-rc4

v8.12.0-rc4-ee

v8.12.0-rc5

v8.12.0-rc5-ee

v8.12.0-rc6

v8.12.0-rc6-ee

v8.12.0-rc7

v8.12.0-rc7-ee

v8.12.0.pre

v8.12.1

v8.12.1-ee

v8.12.2

v8.12.2-ee

v8.12.3-ee

v8.2.0-ee

v8.2.0.rc1

v8.2.0.rc1-ee

v8.2.0.rc2

v8.2.0.rc2-ee

v8.8.0

v8.8.0-ee

v8.8.0-rc1

v8.8.0-rc1-ee

v8.8.0-rc2

v8.8.0-rc2-ee

v8.8.1-ee

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-14603.json"