Main Vulnerability Database Exploits ID:5628 - Exploit for CRLF injection in Gitlab Community Edition - CVE-2018-19585

ID:5628 - Exploit for CRLF injection in Gitlab Community Edition - CVE-2018-19585

Published: June 17, 2021

Vulnerability identifier: #VU31064

Vulnerability risk: Medium

CVE-ID: CVE-2018-19585

CWE-ID: CWE-93

Exploitation vector: Remote access

Vulnerable software:
Gitlab Community Edition

Link to public exploit:

https://www.exploit-db.com/exploits/49263/

Vulnerability description

The vulnerability allows a remote non-authenticated attacker to manipulate data.

GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1 have CRLF Injection in Project Mirroring when using the Git protocol.

Remediation

Install update from vendor's website.

ID:5628 - Exploit for CRLF injection in Gitlab Community Edition - CVE-2018-19585

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human