/
DirectorySecurity AdvisoriesPricing
Sign in
Security Advisories

CVE-2018-17450

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2018-17450

Severity

4.3

Medium

CVSS V3

Description

An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is Server-Side Request Forgery (SSRF) via the Kubernetes integration, leading (for example) to disclosure of a GCP service token.

References

  • https://images.chainguard.dev/security/CGA-m8j3-gr3r-hm24
  • https://github.com/advisories/GHSA-26w4-3wx5-pc45
  • https://images.chainguard.dev/security/CGA-2gq2-jv95-mmjw
  • https://about.gitlab.com/blog/categories/releases/
  • https://about.gitlab.com/releases/2018/10/01/security-release-gitlab-11-dot-3-dot-1-released/

Affected packages

The trusted source for open source

Talk to an expert
© 2025 Chainguard. All Rights Reserved.
PrivacyTerms

Product

Chainguard ContainersChainguard LibrariesChainguard VMsIntegrationsPricing

Solutions

FedRAMPPCI DSSGolden ImagesCVE RemediationPublic Sector

Customers

Customer StoriesChainguard Reviews

Resources

Events & WebinarsChainguard CoursesDocumentationTrust Center

Company

About UsBlogPartnersNewsroomCareersLegal