Опубликовано: 10 июл. 2019
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 3.5
CVSS3: 5.4
Описание
GitLab CE/EE, versions 10.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in Markdown fields via Mermaid.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| esm-apps/xenial | not-affected | |
| esm-infra-legacy/trusty | DNE | |
| precise/esm | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | needs-triage | |
| xenial | not-affected |
Показывать по
10
EPSS
Процентиль: 29%
0.00105
Низкий
3.5 Low
CVSS2
5.4 Medium
CVSS3
Связанные уязвимости
CVSS3: 5.4
nvd
почти 6 лет назад
GitLab CE/EE, versions 10.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in Markdown fields via Mermaid.
CVSS3: 5.4
debian
почти 6 лет назад
GitLab CE/EE, versions 10.3 up to 11.x before 11.3.11, 11.4 before 11. ...
CVSS3: 5.4
github
около 3 лет назад
GitLab CE/EE, versions 10.3 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an XSS vulnerability in Markdown fields via Mermaid.
EPSS
Процентиль: 29%
0.00105
Низкий
3.5 Low
CVSS2
5.4 Medium
CVSS3