CVE-2018-16048

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2018-16048

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-16048.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-16048

Published

2018-10-03T16:29:00.293Z

Modified

2026-04-10T04:06:42.366318Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

An issue was discovered in GitLab Community and Enterprise Edition before 11.0.6, 11.1.x before 11.1.5, and 11.2.x before 11.2.2. There is Missing Authorization Control for API Repository Storage.

References

Affected packages

Git / gitlab.com/gitlab-org/gitlab

Affected ranges

Type

GIT

Repo

https://gitlab.com/gitlab-org/gitlab

Events

Introduced

4071be4ff453bc317ba65d5f4a50cab7d50869db

Fixed

b7c4aa0bc699186fb7f9eb307174f3c297e4c491

Introduced

7c11ed8c916a10f6d9c32635986008b48410531f

Fixed

024183f900d027eb24a17c4706f2d4507b985cf1

Introduced

44dbeccbe1039cb1d42d8502655ffb0bce3ae803

Fixed

77397c52b449bf1ffbf2fd27f189de45babc67bb

Database specific

{
    "versions": [
        {
            "introduced": "8.10.0"
        },
        {
            "fixed": "11.0.6"
        },
        {
            "introduced": "11.1.0"
        },
        {
            "fixed": "11.1.5"
        },
        {
            "introduced": "11.2.0"
        },
        {
            "fixed": "11.2.2"
        }
    ]
}

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-16048.json"