CVE-2019-15592

Опубликовано: 14 фев. 2020

Источник: debian

EPSS Низкий

Описание

GitLab 12.2.2 and below contains a security vulnerability that allows a guest user in a private project to see the merge request ID associated to an issue via the activity timeline.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
gitlab	fixed	12.0.8-1	experimental	package
gitlab	fixed	12.6.8-3		package

Примечания

https://about.gitlab.com/releases/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released/

EPSS

Процентиль: 72%

0.00736

Низкий

Связанные уязвимости

CVE-2019-15592

CVSS3: 4.3

ubuntu

больше 5 лет назад

GitLab 12.2.2 and below contains a security vulnerability that allows a guest user in a private project to see the merge request ID associated to an issue via the activity timeline.

CVE-2019-15592

CVSS3: 4.3

nvd

больше 5 лет назад

GitLab 12.2.2 and below contains a security vulnerability that allows a guest user in a private project to see the merge request ID associated to an issue via the activity timeline.

GHSA-p39m-p32x-h8jq

CVSS3: 4.3

github

около 3 лет назад

GitLab 12.2.2 and below contains a security vulnerability that allows a guest user in a private project to see the merge request ID associated to an issue via the activity timeline.

EPSS

Процентиль: 72%

0.00736

Низкий