An issue was discovered in GitLab Community Edition 11.9.x before 11.9.10 and 11.10.x before 11.10.2. It allows Information Disclosure. When an issue is moved to a private project, the private project namespace is leaked to unauthorized users with access to the original issue.
References
Link | Resource |
---|---|
https://gitlab.com/gitlab-org/gitlab-ce/issues/58939 | Exploit Vendor Advisory |
https://about.gitlab.com/2019/04/29/security-release-gitlab-11-dot-10-dot-2-released/ | Release Notes Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2019-09-09 12:15
Updated : 2019-09-10 15:38
NVD link : CVE-2019-11545
Mitre link : CVE-2019-11545
JSON object : View
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Products Affected
gitlab
- gitlab