Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2019-15590

Опубликовано: 28 янв. 2020
Источник: debian

Описание

An access control issue exists in < 12.3.5, < 12.2.8, and < 12.1.14 for GitLab Community Edition (CE) and Enterprise Edition (EE) where private merge requests and issues would be disclosed with the Group Search feature provided by Elasticsearch integration

Пакеты

ПакетСтатусВерсия исправленияРелизТип
gitlabnot-affectedpackage

Примечания

  • https://hackerone.com/reports/701144

  • https://about.gitlab.com/releases/2019/10/07/security-release-gitlab-12-dot-3-dot-5-released/

Связанные уязвимости

ubuntu логотип

CVE-2019-15590

CVSS3: 7.5
ubuntu
больше 5 лет назад

An access control issue exists in < 12.3.5, < 12.2.8, and < 12.1.14 for GitLab Community Edition (CE) and Enterprise Edition (EE) where private merge requests and issues would be disclosed with the Group Search feature provided by Elasticsearch integration

nvd логотип

CVE-2019-15590

CVSS3: 7.5
nvd
больше 5 лет назад

An access control issue exists in < 12.3.5, < 12.2.8, and < 12.1.14 for GitLab Community Edition (CE) and Enterprise Edition (EE) where private merge requests and issues would be disclosed with the Group Search feature provided by Elasticsearch integration

github логотип

GHSA-83w3-58xf-86mr

github
около 3 лет назад

An access control issue exists in < 12.3.5, < 12.2.8, and < 12.1.14 for GitLab Community Edition (CE) and Enterprise Edition (EE) where private merge requests and issues would be disclosed with the Group Search feature provided by Elasticsearch integration