CVE-2019-10112

Опубликовано: 16 мая 2019

Источник: debian

EPSS Низкий

Описание

An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. The construction of the HMAC key was insecurely derived.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
gitlab	not-affected			package

Примечания

https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/

EPSS

Процентиль: 24%

0.0008

Низкий

Связанные уязвимости

CVE-2019-10112

CVSS3: 7.5

ubuntu

больше 6 лет назад

An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. The construction of the HMAC key was insecurely derived.

CVE-2019-10112

CVSS3: 7.5

nvd

больше 6 лет назад

An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. The construction of the HMAC key was insecurely derived.

GHSA-qjfq-84f6-v57x

github

больше 3 лет назад

An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. The construction of the HMAC key was insecurely derived.

EPSS

Процентиль: 24%

0.0008

Низкий