定价企业版

CVE-2019-5466

4.3MEDIUM

An IDOR was discovered in GitLab CE/EE 11.5 and later that allowed new merge requests endpoint to disclose label names.

发布于: 1/28/2020更新于: 11/21/2024

在NVD查看在MITRE查看

描述

An IDOR was discovered in GitLab CE/EE 11.5 and later that allowed new merge requests endpoint to disclose label names.

AI分析AI驱动

受影响产品

gitlabgitlab

gitlabgitlab

参考资料

https://about.gitlab.com/releases/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
PatchRelease NotesVendor Advisory
https://gitlab.com/gitlab-org/gitlab-ce/issues/59809
ExploitVendor Advisory
https://hackerone.com/reports/507113
Permissions Required
https://about.gitlab.com/releases/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
PatchRelease NotesVendor Advisory
https://gitlab.com/gitlab-org/gitlab-ce/issues/59809
ExploitVendor Advisory
https://hackerone.com/reports/507113
Permissions Required