CVE-2018-19573

Опубликовано: 10 июл. 2019

Источник: debian

EPSS Низкий

Описание

GitLab CE/EE, versions 10.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in Markdown fields via Mermaid.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
gitlab	fixed	11.3.11+dfsg-1		package

Примечания

https://about.gitlab.com/2018/11/28/security-release-gitlab-11-dot-5-dot-1-released/

EPSS

Процентиль: 29%

0.00105

Низкий

Связанные уязвимости

CVE-2018-19573

CVSS3: 5.4

ubuntu

почти 6 лет назад

GitLab CE/EE, versions 10.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in Markdown fields via Mermaid.

CVE-2018-19573

CVSS3: 5.4

nvd

почти 6 лет назад

GitLab CE/EE, versions 10.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in Markdown fields via Mermaid.

GHSA-8qwm-jfc5-4g8q

CVSS3: 5.4

github

около 3 лет назад

GitLab CE/EE, versions 10.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in Markdown fields via Mermaid.

EPSS

Процентиль: 29%

0.00105

Низкий