1. CVE-Search
  2. CVE-2018-14601
ID CVE-2018-14601
Summary An issue was discovered in GitLab Community and Enterprise Edition 11.1.x before 11.1.2. A Denial of Service can occur because Markdown rendering times are slow.
References
Vulnerable Configurations
  • cpe:2.3:a:gitlab:gitlab:11.1.0:*:*:*:community:*:*:*
    cpe:2.3:a:gitlab:gitlab:11.1.0:*:*:*:community:*:*:*
  • cpe:2.3:a:gitlab:gitlab:11.1.0:-:*:*:community:*:*:*
    cpe:2.3:a:gitlab:gitlab:11.1.0:-:*:*:community:*:*:*
  • cpe:2.3:a:gitlab:gitlab:11.1.0:pre:*:*:community:*:*:*
    cpe:2.3:a:gitlab:gitlab:11.1.0:pre:*:*:community:*:*:*
  • cpe:2.3:a:gitlab:gitlab:11.1.0:rc1:*:*:community:*:*:*
    cpe:2.3:a:gitlab:gitlab:11.1.0:rc1:*:*:community:*:*:*
  • cpe:2.3:a:gitlab:gitlab:11.1.0:rc10:*:*:community:*:*:*
    cpe:2.3:a:gitlab:gitlab:11.1.0:rc10:*:*:community:*:*:*
  • cpe:2.3:a:gitlab:gitlab:11.1.0:rc11:*:*:community:*:*:*
    cpe:2.3:a:gitlab:gitlab:11.1.0:rc11:*:*:community:*:*:*
  • cpe:2.3:a:gitlab:gitlab:11.1.0:rc12:*:*:community:*:*:*
    cpe:2.3:a:gitlab:gitlab:11.1.0:rc12:*:*:community:*:*:*
  • cpe:2.3:a:gitlab:gitlab:11.1.0:rc13:*:*:community:*:*:*
    cpe:2.3:a:gitlab:gitlab:11.1.0:rc13:*:*:community:*:*:*
  • cpe:2.3:a:gitlab:gitlab:11.1.0:rc14:*:*:community:*:*:*
    cpe:2.3:a:gitlab:gitlab:11.1.0:rc14:*:*:community:*:*:*
  • cpe:2.3:a:gitlab:gitlab:11.1.0:rc2:*:*:community:*:*:*
    cpe:2.3:a:gitlab:gitlab:11.1.0:rc2:*:*:community:*:*:*
  • cpe:2.3:a:gitlab:gitlab:11.1.0:rc3:*:*:community:*:*:*
    cpe:2.3:a:gitlab:gitlab:11.1.0:rc3:*:*:community:*:*:*
  • cpe:2.3:a:gitlab:gitlab:11.1.0:rc4:*:*:community:*:*:*
    cpe:2.3:a:gitlab:gitlab:11.1.0:rc4:*:*:community:*:*:*
  • cpe:2.3:a:gitlab:gitlab:11.1.0:rc5:*:*:community:*:*:*
    cpe:2.3:a:gitlab:gitlab:11.1.0:rc5:*:*:community:*:*:*
  • cpe:2.3:a:gitlab:gitlab:11.1.0:rc6:*:*:community:*:*:*
    cpe:2.3:a:gitlab:gitlab:11.1.0:rc6:*:*:community:*:*:*
  • cpe:2.3:a:gitlab:gitlab:11.1.0:rc7:*:*:community:*:*:*
    cpe:2.3:a:gitlab:gitlab:11.1.0:rc7:*:*:community:*:*:*
  • cpe:2.3:a:gitlab:gitlab:11.1.0:rc8:*:*:community:*:*:*
    cpe:2.3:a:gitlab:gitlab:11.1.0:rc8:*:*:community:*:*:*
  • cpe:2.3:a:gitlab:gitlab:11.1.0:rc9:*:*:community:*:*:*
    cpe:2.3:a:gitlab:gitlab:11.1.0:rc9:*:*:community:*:*:*
  • cpe:2.3:a:gitlab:gitlab:11.1.1:*:*:*:community:*:*:*
    cpe:2.3:a:gitlab:gitlab:11.1.1:*:*:*:community:*:*:*
  • cpe:2.3:a:gitlab:gitlab:11.1.0:*:*:*:enterprise:*:*:*
    cpe:2.3:a:gitlab:gitlab:11.1.0:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:gitlab:gitlab:11.1.1:*:*:*:enterprise:*:*:*
    cpe:2.3:a:gitlab:gitlab:11.1.1:*:*:*:enterprise:*:*:*
CVSS
Base: 5.0 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
confirm https://gitlab.com/gitlab-org/gitlab-ce/issues/49409
misc https://about.gitlab.com/2018/07/26/security-release-gitlab-11-dot-1-dot-2-released/
Last major update 03-10-2019 - 00:03
Published 27-07-2018 - 02:29
Last modified 03-10-2019 - 00:03
Back to Top