FreeBSD: VID-1138B39E-6ABB-11E9-A685-001B217B3468 (CVE-2019-11546): Gitlab -- Multiple vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:S/C:N/I:P/A:N) | Apr 29, 2019 | Apr 30, 2019 | Sep 20, 2019 |
Description
Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.
From VID-1138B39E-6ABB-11E9-A685-001B217B3468:
Gitlab reports:
- Moving an Issue to Private Repo Leaks Project Namespace
- Notification Emails Sent to Restricted Users
- Unauthorized Comments on Confidential Issues
- Merge Request Approval Count Inflation
- Unsanitized Branch Names on New Merge Request Notification Emails
- Improper Sanitation of Credentials in Gitaly
Solution
freebsd-upgrade-package-gitlab-ce