CVE-2026-3848 in Community Edition情報

要約

〜によって MITRE • 2026年03月11日

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 8.11 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to make unintended internal requests through proxy environments under certain conditions due to improper input validation in import functionality.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

責任者

GitLab

予約する

2026年03月09日

公開

2026年03月11日

モデレーション

承諾済み

エントリ

VDB-350431

CPE

準備完了

CWE

CWE-93 (確認済み)

CVSS

5.0 (CNA)

EPSS

0.00024

KEV

いいえ

アクティビティ

非常低い

セクター

Telecommunication, Finance, ...

ソース

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-3848
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-3848
CVE Details	https://www.cvedetails.com/cve/CVE-2026-3848/

◂ 前概要次 ▸

Do you need the next level of professionalism?

Upgrade your account now!