CVE-2018-14364
Publication date 18 July 2018
Last updated 25 August 2025
Ubuntu priority
Cvss 3 Severity Score
Description
GitLab Community and Enterprise Edition before 10.7.7, 10.8.x before 10.8.6, and 11.x before 11.0.4 allows Directory Traversal with write access and resultant remote code execution via the GitLab projects import component.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| gitlab | ||
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial |
Not affected
|
|
| 14.04 LTS trusty | Not in release |
Notes
Severity score breakdown
CVSS version: CVSS v3.0
Base score
9.8 · Critical
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H