DirectorySecurity AdvisoriesPricing
/
Sign in
Security Advisories

CVE-2018-17452

NVD

https://nvd.nist.gov/vuln/detail/CVE-2018-17452

Severity

9.8

Critical

CVSS V3

Eliminate CVEs with Chainguard hardened images

Build, ship, and run secure software with minimal, hardened container images — rebuilt from source daily and guarded under our industry-leading remediation SLA.

Start for free

Description

An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is Server-Side Request Forgery (SSRF) via a loopback address to the validate_localhost function in url_blocker.rb.

References

  • https://nvd.nist.gov/vuln/detail/CVE-2018-17452
  • https://github.com/advisories/GHSA-8xwc-6h6p-hh69
  • https://about.gitlab.com/blog/categories/releases/
  • https://about.gitlab.com/releases/2018/10/01/security-release-gitlab-11-dot-3-dot-1-released/

Affected packages

The trusted source for open source

Talk to an expert
© 2025 Chainguard. All Rights Reserved.
PrivacyTerms

Product

Chainguard ContainersChainguard LibrariesChainguard VMsIntegrationsPricing

Solutions

FedRAMPPCI DSSCMMC 2.0Golden ImagesCVE RemediationPublic Sector

Customers

Customer StoriesChainguard Reviews

Resources

Events & WebinarsSupply Chain Security 101Chainguard CoursesDocumentationTrust CenterChainguard Slack Community

Company

About UsBlogPartnersNewsroomCareersLegal