vulnerability

FreeBSD: VID-da459dbc-5586-11e9-abd6-001b217b3468 (CVE-2019-10109): Gitlab -- Multiple vulnerabilities

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

Apr 2, 2019

Added

Apr 3, 2019

Modified

Jun 15, 2026

Description

An Information Exposure issue (issue 1 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. EXIF geolocation data were not removed from images when uploaded to GitLab. As a result, anyone with access to the uploaded image could obtain its geolocation, device, and software version data (if present).

Solution

freebsd-upgrade-package-gitlab-ce

References

CVE-2019-10109
https://attackerkb.com/topics/CVE-2019-10109
CWE-200
EUVD-EUVD-2019-2152
https://euvd.enisa.europa.eu/vulnerability/EUVD-2019-2152

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report