CVE-2018-17939

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2018-17939

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-17939.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-17939

Published

2018-12-04T23:29:00.240Z

Modified

2026-02-28T00:40:18.161097Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

An issue was discovered in GitLab Community and Enterprise Edition 11.1.x before 11.1.8, 11.2.x before 11.2.5, and 11.3.x before 11.3.2. There is Information Exposure via the merge request JSON endpoint.

References

Affected packages

Git / gitlab.com/gitlab-org/gitlab

Affected ranges

Type: GIT
Repo: https://gitlab.com/gitlab-org/gitlab
Events: Introduced

1bbe39452664021af90851aef8527ce5e850343e

Fixed

2a103167c986bf540595f990b82e8b37127b7146

Introduced

44dbeccbe1039cb1d42d8502655ffb0bce3ae803

Fixed

da87da289d0a874afcd36c29c6652f931f9288ad

Introduced

7c11ed8c916a10f6d9c32635986008b48410531f

Fixed

c55d90a5158a2007930216ddfd78ecc3ae7319d0

Affected versions

v11.*

v11.1.0

v11.1.0-ee

v11.1.0-rc1

v11.1.0-rc1-ee

v11.1.0-rc10

v11.1.0-rc10-ee

v11.1.0-rc11

v11.1.0-rc11-ee

v11.1.0-rc12

v11.1.0-rc12-ee

v11.1.0-rc13

v11.1.0-rc13-ee

v11.1.0-rc14

v11.1.0-rc14-ee

v11.1.0-rc2

v11.1.0-rc2-ee

v11.1.0-rc3

v11.1.0-rc3-ee

v11.1.0-rc4

v11.1.0-rc4-ee

v11.1.0-rc5

v11.1.0-rc5-ee

v11.1.0-rc6

v11.1.0-rc6-ee

v11.1.0-rc7

v11.1.0-rc7-ee

v11.1.0-rc8

v11.1.0-rc8-ee

v11.1.0-rc9

v11.1.0-rc9-ee

v11.1.0.pre

v11.1.1

v11.1.1-ee

v11.1.2

v11.1.2-ee

v11.1.3

v11.1.3-ee

v11.1.4

v11.1.4-ee

v11.1.5

v11.1.5-ee

v11.1.6-ee

v11.1.7-ee

v11.2.0

v11.2.0-ee

v11.2.0-rc1-ee

v11.2.0-rc10

v11.2.0-rc10-ee

v11.2.0-rc2

v11.2.0-rc2-ee

v11.2.0-rc3

v11.2.0-rc3-ee

v11.2.0-rc4-ee

v11.2.0-rc5

v11.2.0-rc5-ee

v11.2.0-rc6

v11.2.0-rc6-ee

v11.2.0-rc7

v11.2.0-rc7-ee

v11.2.0-rc8

v11.2.0-rc8-ee

v11.2.0-rc9

v11.2.0-rc9-ee

v11.2.0.pre

v11.2.1

v11.2.1-ee

v11.2.2

v11.2.2-ee

v11.2.3-ee

v11.2.4-ee

v11.3.0-ee

v11.3.0-rc1

v11.3.0-rc1-ee

v11.3.0-rc10-ee

v11.3.0-rc11-ee

v11.3.0-rc2

v11.3.0-rc2-ee

v11.3.0-rc3

v11.3.0-rc3-ee

v11.3.0-rc4

v11.3.0-rc4-ee

v11.3.0-rc5

v11.3.0-rc5-ee

v11.3.0-rc6

v11.3.0-rc6-ee

v11.3.0-rc7-ee

v11.3.0-rc8-ee

v11.3.0-rc9-ee

v11.3.0.pre

v11.3.1-ee

v6.*

v6.0.0-ee

v6.0.0-ee.beta

v6.0.0-ee.rc1

v6.1.0-ee

v6.2.1

v6.2.2

v6.3.0-ee

v6.3.1-ee

v6.4.0-ee

v6.4.1

v6.4.2

v6.4.3

v6.5.0-ee

v6.5.1

v6.6.0-ee

v6.6.1

v6.6.2

v6.7.0-ee

v6.7.0.rc1-ee

v6.7.1

v6.7.2

v6.8.0-ee

v6.8.1

v7.*

v7.0.0-ee

v7.1.0-ee

v7.1.0.rc1-ee

v7.2.0.rc1-ee

v7.2.0.rc2-ee

v7.2.0.rc3-ee

v7.2.0.rc4-ee

v7.2.0.rc5-ee

v7.3.0-ee

v7.3.0.rc1-ee

v7.4.0-ee

v7.4.1-ee

v7.4.2-ee

v7.4.3-ee

v7.4.4-ee

v8.*

v8.11.0

v8.11.0-ee

v8.11.0-rc1

v8.11.0-rc1-ee

v8.11.0-rc2

v8.11.0-rc2-ee

v8.11.0-rc3

v8.11.0-rc3-ee

v8.11.0-rc4

v8.11.0-rc4-ee

v8.11.0-rc5

v8.11.0-rc5-ee

v8.11.0-rc6

v8.11.0-rc6-ee

v8.11.0-rc7

v8.11.0-rc7-ee

v8.11.1

v8.12.0

v8.12.0-ee

v8.12.0-rc1

v8.12.0-rc1-ee

v8.12.0-rc2

v8.12.0-rc2-ee

v8.12.0-rc3

v8.12.0-rc3-ee

v8.12.0-rc4

v8.12.0-rc4-ee

v8.12.0-rc5

v8.12.0-rc5-ee

v8.12.0-rc6

v8.12.0-rc6-ee

v8.12.0-rc7

v8.12.0-rc7-ee

v8.12.0.pre

v8.12.1

v8.12.1-ee

v8.12.2

v8.12.2-ee

v8.12.3-ee

v8.2.0-ee

v8.2.0.rc1

v8.2.0.rc1-ee

v8.2.0.rc2

v8.2.0.rc2-ee

v8.8.0

v8.8.0-ee

v8.8.0-rc1

v8.8.0-rc1-ee

v8.8.0-rc2

v8.8.0-rc2-ee

v8.8.1-ee

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-17939.json"