CVE-2018-19580
published 2019-07-10CVE-2018-19580: All versions of GitLab prior to 11.5.1, 11.4.8, and 11.3.11 do not send an email to the old email address when an email address change is made.
PriorityP425medium5.3CVSS 3.0
AVNACLPRNUINSUCNILAN
EPSS
0.99%
58.3th percentile
All versions of GitLab prior to 11.5.1, 11.4.8, and 11.3.11 do not send an email to the old email address when an email address change is made.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | gitlab | < gitlab 11.3.11+dfsg-1 (sid) | gitlab 11.3.11+dfsg-1 (sid) |
| gitlab | gitlab | < 11.3.11 | 11.3.11 |
| gitlab | gitlab | — | — |
| gitlab | gitlab | >= 11.3.12 < 11.4.8 | 11.4.8 |
| gitlab | gitlab | >= 11.4.9 < 11.5.1 | 11.5.1 |
CVSS provenance
nvdv3.05.3MEDIUMCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:P/A:N
osv5.3MEDIUM
vendor_debian5.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GitLab
CVE-2018-19580: All versions of GitLab prior to 11.5.1, 11.4.8, and 11.3.11 do not send an email to the old email address when an email address change is made.
vendor_gitlab·2019-07-10·CVSS 5.3
CVE-2018-19580 [MEDIUM] CWE-20 CVE-2018-19580: All versions of GitLab prior to 11.5.1, 11.4.8, and 11.3.11 do not send an email to the old email address when an email address change is made.
CVE-2018-19580: All versions of GitLab prior to 11.5.1, 11.4.8, and 11.3.11 do not send an email to the old email address when an email address change is made.
Debian
CVE-2018-19580: gitlab - All versions of GitLab prior to 11.5.1, 11.4.8, and 11.3.11 do not send an email...
vendor_debian·2018·CVSS 5.3
CVE-2018-19580 [MEDIUM] CVE-2018-19580: gitlab - All versions of GitLab prior to 11.5.1, 11.4.8, and 11.3.11 do not send an email...
All versions of GitLab prior to 11.5.1, 11.4.8, and 11.3.11 do not send an email to the old email address when an email address change is made.
Scope: local
sid: resolved (fixed in 11.3.11+dfsg-1)
GHSA
GHSA-hxvp-f87c-vpq8: All versions of GitLab prior to 11
ghsa_unreviewed·2022-05-24
CVE-2018-19580 [MEDIUM] CWE-20 GHSA-hxvp-f87c-vpq8: All versions of GitLab prior to 11
All versions of GitLab prior to 11.5.1, 11.4.8, and 11.3.11 do not send an email to the old email address when an email address change is made.
OSV
CVE-2018-19580: All versions of GitLab prior to 11
osv·2019-07-10·CVSS 5.3
CVE-2018-19580 [MEDIUM] CVE-2018-19580: All versions of GitLab prior to 11
All versions of GitLab prior to 11.5.1, 11.4.8, and 11.3.11 do not send an email to the old email address when an email address change is made.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2019-07-10
Published