Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-vybv-n2a8-qugs

Summary An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It has Cleartext Storage of Sensitive Information.

Aliases

alias	CVE-2018-18641

Fixed_packages

url	pkg:alpm/archlinux/gitlab@11.4.3-1
purl	pkg:alpm/archlinux/gitlab@11.4.3-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@11.4.3-1

url	pkg:deb/debian/gitlab@11.2.8%2Bdfsg-2?distro=sid
purl	pkg:deb/debian/gitlab@11.2.8%2Bdfsg-2?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gitlab@11.2.8%252Bdfsg-2%3Fdistro=sid

url	pkg:deb/debian/gitlab@17.6.5-19?distro=sid
purl	pkg:deb/debian/gitlab@17.6.5-19?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/gitlab@17.6.5-19%3Fdistro=sid

Affected_packages

url pkg:alpm/archlinux/gitlab@11.4.0-1

purl pkg:alpm/archlinux/gitlab@11.4.0-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-237a-hwkp-47ep

vulnerability	VCID-4nq8-46us-fqdx

vulnerability	VCID-818r-vkyn-dfg3

vulnerability	VCID-b892-qn91-h7aa

vulnerability	VCID-de67-fg42-33fc

vulnerability	VCID-j3h8-a8dz-nbc3

vulnerability	VCID-mwwz-cchk-xqef

vulnerability	VCID-nm3h-6p78-skgt

vulnerability	VCID-pkf7-7s21-17a8

vulnerability	VCID-tnfb-sr49-ykhd

vulnerability	VCID-vybv-n2a8-qugs

resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@11.4.0-1

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-18641

reference_id

reference_type

scores

value	0.00061
scoring_system	epss
scoring_elements	0.18982
published_at	2026-04-26T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19187
published_at	2026-04-01T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19322
published_at	2026-04-02T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19374
published_at	2026-04-04T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19089
published_at	2026-04-07T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.1917
published_at	2026-04-08T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19222
published_at	2026-04-09T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19229
published_at	2026-04-11T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19182
published_at	2026-04-12T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19127
published_at	2026-04-13T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19085
published_at	2026-04-16T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19096
published_at	2026-04-18T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.19104
published_at	2026-04-21T12:55:00Z

value	0.00061
scoring_system	epss
scoring_elements	0.18995
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-18641

reference_url	https://security.archlinux.org/ASA-201810-16
reference_id	ASA-201810-16
reference_type
scores
url	https://security.archlinux.org/ASA-201810-16

reference_url

https://security.archlinux.org/AVG-794

reference_id

AVG-794

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-794

Weaknesses

Exploits

Severity_range_score 9.0 - 10.0

Exploitability 0.5

Weighted_severity 9.0

Risk_score 4.5

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vybv-n2a8-qugs

Vulnerability Instance