Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2018-18925
HistoryNov 04, 2018 - 5:29 a.m.

CVE-2018-18925

2018-11-0405:29:00
Google
osv.dev
8

7.7 High

AI Score

Confidence

Low

0.098 Low

EPSS

Percentile

94.9%

JSON

Gogs 0.11.66 allows remote code execution because it does not properly validate session IDs, as demonstrated by a “…” session-file forgery in the file session provider in file.go. This is related to session ID handling in the go-macaron/session code for Macaron.

CPENameOperatorVersion
gogseq0.11.34
gogseq0.4.1
gogseq0.5.0
gogseq0.9.48
gogseq0.7.6
gogseq0.4.2
gogseq0.5.9
gogseq0.9.128
gogseq0.11.66
gogseq0.8.10
Rows per page:
1-10 of 531

Related

cvelist 2
openvas 1
veracode 1
prion 2
cve 3
nuclei 1
nvd 3
osv 1
github 1
cvelist
cvelist
CVE-2018-18925
2018-11-04 06:00:00
CVE-2018-20303
2018-12-20 00:00:00
openvas
openvas
Gogs < 0.11.79 Multiple Vulnerabilities
2018-11-13 00:00:00
veracode
veracode
Remote Code Execution (RCE)
2018-11-05 01:57:12
prion
prion
Design/Logic Flaw
2018-11-04 05:29:00
Directory traversal
2018-12-20 00:29:00
cve
cve
CVE-2018-18925
2018-11-04 06:00:00
CVE-2018-20303
2018-12-20 00:29:00
CVE-2018-1000853
2022-10-03 16:21:59
nuclei
nuclei
Gogs (Go Git Service) 0.11.66 - Remote Code Execution
2022-02-09 20:40:54
nvd
nvd
CVE-2018-18925
2018-11-04 05:29:00
CVE-2018-20303
2018-12-20 00:29:00
CVE-2018-1000853
2018-12-06 17:15:08
osv
osv
CVE-2018-20303
2018-12-20 00:29:00
github
github
Gogs Directory Traversal
2022-05-14 01:37:52

7.7 High

AI Score

Confidence

Low

0.098 Low

EPSS

Percentile

94.9%

JSON
Related for OSV:CVE-2018-18925
cvelist2openvas1veracode1prion2cve3nuclei1nvd3osv1github1