Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-j3h8-a8dz-nbc3
SummaryAn issue was discovered in the wiki API in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows for remote code execution.
Aliases
0
alias CVE-2018-18649
Fixed_packages
0
url pkg:alpm/archlinux/gitlab@11.4.3-1
purl pkg:alpm/archlinux/gitlab@11.4.3-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@11.4.3-1
1
url pkg:deb/debian/gitlab@0?distro=sid
purl pkg:deb/debian/gitlab@0?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gitlab@0%3Fdistro=sid
2
url pkg:deb/debian/gitlab@17.6.5-19?distro=sid
purl pkg:deb/debian/gitlab@17.6.5-19?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/gitlab@17.6.5-19%3Fdistro=sid
Affected_packages
0
url pkg:alpm/archlinux/gitlab@11.4.0-1
purl pkg:alpm/archlinux/gitlab@11.4.0-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-237a-hwkp-47ep
1
vulnerability VCID-4nq8-46us-fqdx
2
vulnerability VCID-818r-vkyn-dfg3
3
vulnerability VCID-b892-qn91-h7aa
4
vulnerability VCID-de67-fg42-33fc
5
vulnerability VCID-j3h8-a8dz-nbc3
6
vulnerability VCID-mwwz-cchk-xqef
7
vulnerability VCID-nm3h-6p78-skgt
8
vulnerability VCID-pkf7-7s21-17a8
9
vulnerability VCID-tnfb-sr49-ykhd
10
vulnerability VCID-vybv-n2a8-qugs
resource_url http://public2.vulnerablecode.io/packages/pkg:alpm/archlinux/gitlab@11.4.0-1
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-18649
reference_id
reference_type
scores
0
value 0.54969
scoring_system epss
scoring_elements 0.98057
published_at 2026-04-24T12:55:00Z
1
value 0.54969
scoring_system epss
scoring_elements 0.98034
published_at 2026-04-01T12:55:00Z
2
value 0.54969
scoring_system epss
scoring_elements 0.9804
published_at 2026-04-02T12:55:00Z
3
value 0.54969
scoring_system epss
scoring_elements 0.98042
published_at 2026-04-04T12:55:00Z
4
value 0.54969
scoring_system epss
scoring_elements 0.98044
published_at 2026-04-07T12:55:00Z
5
value 0.54969
scoring_system epss
scoring_elements 0.98048
published_at 2026-04-08T12:55:00Z
6
value 0.54969
scoring_system epss
scoring_elements 0.98049
published_at 2026-04-09T12:55:00Z
7
value 0.54969
scoring_system epss
scoring_elements 0.98054
published_at 2026-04-11T12:55:00Z
8
value 0.54969
scoring_system epss
scoring_elements 0.98055
published_at 2026-04-13T12:55:00Z
9
value 0.54969
scoring_system epss
scoring_elements 0.98061
published_at 2026-04-16T12:55:00Z
10
value 0.54969
scoring_system epss
scoring_elements 0.98062
published_at 2026-04-18T12:55:00Z
11
value 0.54969
scoring_system epss
scoring_elements 0.98058
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-18649
1
reference_url https://security.archlinux.org/ASA-201810-16
reference_id ASA-201810-16
reference_type
scores
url https://security.archlinux.org/ASA-201810-16
2
reference_url https://security.archlinux.org/AVG-794
reference_id AVG-794
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-794
Weaknesses
Exploits
Severity_range_score9.0 - 10.0
Exploitability0.5
Weighted_severity9.0
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-j3h8-a8dz-nbc3