CVE-2019-16170

Published: Sep 16, 2019Modified: Nov 21, 2024

7.1

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Exploitability: 2.8 / Impact: 4.2

Source: NVD

Description

An issue was discovered in GitLab Enterprise Edition 11.x and 12.x before 12.0.9, 12.1.x before 12.1.9, and 12.2.x before 12.2.5. It has Incorrect Access Control.

Affected (6)

Products: Gitlab: Gitlab

Gitlab

1 product

Gitlab

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Gitlab Gitlab	From 11.6.0 to 12.0.9
Gitlab Gitlab	From 12.1.0 to 12.1.9
Gitlab Gitlab	From 12.2.0 to 12.2.5
Gitlab Gitlab	From 11.6.0 to 12.0.9
Gitlab Gitlab	From 12.1.0 to 12.1.9
Gitlab Gitlab	From 12.2.0 to 12.2.5

References (2)

https://about.gitlab.com/2019/09/10/critical-security-release-gitlab-12-dot-2-dot-5-released/

Source: cve@mitre.org

Release NotesVendor Advisory

https://about.gitlab.com/2019/09/10/critical-security-release-gitlab-12-dot-2-dot-5-released/

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

Timeline

No history available yet.