VulnerableCode Package Details - pkg:alpm/archlinux/gitlab@11.4.3-1

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-237a-hwkp-47ep	An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It has Information Exposure Through an Error Message.	CVE-2018-18648
VCID-4nq8-46us-fqdx	GitLab CE & EE 11.2 and later and before 11.5.0-rc12, 11.4.6, and 11.3.10 have Persistent XSS.	CVE-2018-18643
VCID-818r-vkyn-dfg3	An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows SSRF.	CVE-2018-18646
VCID-b892-qn91-h7aa	An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows for Information Exposure via unsubscribe links in email replies.	CVE-2018-18645
VCID-j3h8-a8dz-nbc3	An issue was discovered in the wiki API in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows for remote code execution.	CVE-2018-18649
VCID-pkf7-7s21-17a8	An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It has Information Exposure Through Browser Caching.	CVE-2018-18640
VCID-vybv-n2a8-qugs	An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It has Cleartext Storage of Sensitive Information.	CVE-2018-18641

Vulnerability

Summary

Aliases

VCID-237a-hwkp-47ep

An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It has Information Exposure Through an Error Message.

CVE-2018-18648

VCID-4nq8-46us-fqdx

GitLab CE & EE 11.2 and later and before 11.5.0-rc12, 11.4.6, and 11.3.10 have Persistent XSS.

CVE-2018-18643

VCID-818r-vkyn-dfg3

An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows SSRF.

CVE-2018-18646

VCID-b892-qn91-h7aa

An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows for Information Exposure via unsubscribe links in email replies.

CVE-2018-18645

VCID-j3h8-a8dz-nbc3

An issue was discovered in the wiki API in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows for remote code execution.

CVE-2018-18649

VCID-pkf7-7s21-17a8

An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It has Information Exposure Through Browser Caching.

CVE-2018-18640

VCID-vybv-n2a8-qugs

An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It has Cleartext Storage of Sensitive Information.

CVE-2018-18641

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T18:24:33.819302+00:00	Arch Linux Importer	Fixing	VCID-pkf7-7s21-17a8	https://security.archlinux.org/AVG-794	38.0.0
2026-04-01T18:24:33.795511+00:00	Arch Linux Importer	Fixing	VCID-vybv-n2a8-qugs	https://security.archlinux.org/AVG-794	38.0.0
2026-04-01T18:24:33.771016+00:00	Arch Linux Importer	Fixing	VCID-4nq8-46us-fqdx	https://security.archlinux.org/AVG-794	38.0.0
2026-04-01T18:24:33.743826+00:00	Arch Linux Importer	Fixing	VCID-b892-qn91-h7aa	https://security.archlinux.org/AVG-794	38.0.0
2026-04-01T18:24:33.718958+00:00	Arch Linux Importer	Fixing	VCID-818r-vkyn-dfg3	https://security.archlinux.org/AVG-794	38.0.0
2026-04-01T18:24:33.695416+00:00	Arch Linux Importer	Fixing	VCID-237a-hwkp-47ep	https://security.archlinux.org/AVG-794	38.0.0
2026-04-01T18:24:33.672412+00:00	Arch Linux Importer	Fixing	VCID-j3h8-a8dz-nbc3	https://security.archlinux.org/AVG-794	38.0.0