CVE-2019-19254

Опубликовано: 03 янв. 2020

Источник: nvd

CVSS3: 5.3

CVSS2: 5

EPSS Низкий

Описание

GitLab Community Edition (CE) and Enterprise Edition (EE). 9.6 and later through 12.5 has Incorrect Access Control.

Ссылки

https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
Release Notes
Vendor Advisory
https://about.gitlab.com/blog/categories/releases/
Release Notes
Vendor Advisory
https://gitlab.com/gitlab-org/gitlab/issues/12219
Broken Link
Vendor Advisory
https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
Release Notes
Vendor Advisory
https://about.gitlab.com/blog/categories/releases/
Release Notes
Vendor Advisory
https://gitlab.com/gitlab-org/gitlab/issues/12219
Broken Link
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*

Версия от 9.6.0 (включая) до 12.5.1 (исключая)

cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*

Версия от 9.6.0 (включая) до 12.5.1 (исключая)

EPSS

Процентиль: 40%

0.00181

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200

Связанные уязвимости

CVE-2019-19254

CVSS3: 5.3

ubuntu

больше 5 лет назад

GitLab Community Edition (CE) and Enterprise Edition (EE). 9.6 and later through 12.5 has Incorrect Access Control.

CVE-2019-19254

CVSS3: 5.3

debian

больше 5 лет назад

GitLab Community Edition (CE) and Enterprise Edition (EE). 9.6 and lat ...

GHSA-3gvc-g7j2-9532

github

около 3 лет назад

GitLab Community Edition (CE) and Enterprise Edition (EE). 9.6 and later through 12.5 has Incorrect Access Control.

EPSS

Процентиль: 40%

0.00181

Низкий

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-200