| |
Vulnerability CVE-2019-15734
Published: 2019-09-16
| Description: |
An issue was discovered in GitLab Community and Enterprise Edition 8.6 through 12.2.1. Under very specific conditions, commit titles and team member comments could become viewable to users who did not have permission to access these. |
Type:
CWE-200 (Information Exposure)
CVSS2 => (AV:N/AC:L/Au:S/C:P/I:N/A:N)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
4/10 |
2.9/10 |
8/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
Single time |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
None |
None |
References: |
https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released/
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
