What is CVE-2018-18649?

CVE-2018-18649 is a vulnerability in N/a. Published 2018-11-29.

Is CVE-2018-18649 known to be exploited?

5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2018-18649

An issue was discovered in the wiki API in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows for remote code execution.

EPSS: 0.550 (98.1th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

Snowming04/CVE-2018-18649
0xT11/CVE-POC
deadcyph3r/Awesome-Collection
izj007/wechat
whoami13apt/files2

References

gitlab.com/gitlab-org/gitlab-ce/issues/53072 (x_refsource_CONFIRM)
about.gitlab.com/2018/10/29/security-release-gitlab-11-dot-4-dot-3-released/ (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2018-18649?: CVE-2018-18649 is a vulnerability in N/a. Published 2018-11-29.
Is CVE-2018-18649 known to be exploited?: 5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.