exploitDog

CVE-2019-11544

Опубликовано: 09 сент. 2019

Источник: nvd

CVSS3: 4.3

CVSS2: 4

EPSS Низкий

Описание

An issue was discovered in GitLab Community and Enterprise Edition 8.x, 9.x, 10.x, and 11.x before 11.8.9, 11.9.x before 11.9.10, and 11.10.x before 11.10.2. It allows Information Disclosure. Non-member users who subscribe to notifications of an internal project with issue and repository restrictions will receive emails about restricted events.

Ссылки

https://about.gitlab.com/2019/04/29/security-release-gitlab-11-dot-10-dot-2-released/
Release Notes
Vendor Advisory
https://gitlab.com/gitlab-org/gitlab-ce/issues/58372
Exploit
Vendor Advisory
https://about.gitlab.com/2019/04/29/security-release-gitlab-11-dot-10-dot-2-released/
Release Notes
Vendor Advisory
https://gitlab.com/gitlab-org/gitlab-ce/issues/58372
Exploit
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*

Версия от 8.1.0 (включая) до 8.17.8 (включая)

cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*

Версия от 8.1.0 (включая) до 8.17.8 (включая)

cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*

Версия от 9.0.0 (включая) до 9.3.7 (включая)

cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*

Версия от 9.0.0 (включая) до 9.3.7 (включая)

cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*

Версия от 10.0.0 (включая) до 10.8.7 (включая)

cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*

Версия от 10.0.0 (включая) до 10.8.7 (включая)

cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*

Версия от 11.0.0 (включая) до 11.8.9 (исключая)

cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*

Версия от 11.0.0 (включая) до 11.8.9 (исключая)

cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*

Версия от 11.9.0 (включая) до 11.9.10 (исключая)

cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*

Версия от 11.9.0 (включая) до 11.9.10 (исключая)

cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*

Версия от 11.10.0 (включая) до 11.10.2 (включая)

cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*

Версия от 11.10.0 (включая) до 11.10.2 (исключая)

EPSS

Процентиль: 31%

0.00114

Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

CVE-2019-11544

CVSS3: 4.3

ubuntu

почти 6 лет назад

An issue was discovered in GitLab Community and Enterprise Edition 8.x, 9.x, 10.x, and 11.x before 11.8.9, 11.9.x before 11.9.10, and 11.10.x before 11.10.2. It allows Information Disclosure. Non-member users who subscribe to notifications of an internal project with issue and repository restrictions will receive emails about restricted events.

CVE-2019-11544

CVSS3: 4.3

debian

почти 6 лет назад

An issue was discovered in GitLab Community and Enterprise Edition 8.x ...

GHSA-r998-qhmx-fp4x

github

около 3 лет назад

An issue was discovered in GitLab Community and Enterprise Edition 8.x, 9.x, 10.x, and 11.x before 11.8.9, 11.9.x before 11.9.10, and 11.10.x before 11.10.2. It allows Information Disclosure. Non-member users who subscribe to notifications of an internal project with issue and repository restrictions will receive emails about restricted events.

EPSS

Процентиль: 31%

0.00114

Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

NVD-CWE-noinfo