Skip to content
GitLab
Explore
Sign in
Register
Commits on Source (2)
new gitlab issues
· fcac5f4d
Moritz Muehlenhoff
authored
Aug 30, 2018
fcac5f4d
Merge branch 'master' of
https://salsa.debian.org/security-tracker-team/security-tracker
· 1a31e8ee
Moritz Muehlenhoff
authored
Aug 30, 2018
1a31e8ee
Show whitespace changes
Inline
Side-by-side
data/CVE/list
View file @
1a31e8ee
CVE-2018-XXXX [gitlab: Missing Authorization Control API Repository Storage]
- gitlab <not-affected> (Only affects Enterprise edition)
NOTE: https://about.gitlab.com/2018/08/28/security-release-gitlab-11-dot-2-dot-2-released/
CVE-2018-XXXX [gitlab: Orphaned Upload Files Exposure]
- gitlab <unfixed>
NOTE: https://about.gitlab.com/2018/08/28/security-release-gitlab-11-dot-2-dot-2-released/
CVE-2018-XXXX [gitlab: Missing CSRF in System Hooks]
- gitlab <unfixed>
NOTE: https://about.gitlab.com/2018/08/28/security-release-gitlab-11-dot-2-dot-2-released/
CVE-2018-XXXX [gitlab: Sensitive Data Disclosure in Sidekiq Logs]
- gitlab <unfixed>
NOTE: https://about.gitlab.com/2018/08/28/security-release-gitlab-11-dot-2-dot-2-released/
CVE-2018-XXXX [gitlab: Persistent XSS in Merge Request Changes View]
- gitlab <unfixed>
[stretch] - gitlab <not-affected> (Only affects 11.1 and 11.2)
NOTE: https://about.gitlab.com/2018/08/28/security-release-gitlab-11-dot-2-dot-2-released/
CVE-2018-XXXX [gitlab: Persistent XSS in Pipeline Tooltip]
- gitlab <unfixed>
[stretch] - gitlab <not-affected> (Only affects 10.7 and later)
NOTE: https://about.gitlab.com/2018/08/28/security-release-gitlab-11-dot-2-dot-2-released/
CVE-2018-16158 (Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 ...)
NOT-FOR-US: Eaton Power Xpert Meter
CVE-2018-16157
