PT-2019-12368 · Gitlab · Gitlab Ce/Ee+1

Xanbanx

Published

2019-09-09

Updated

2019-09-10

CVE-2019-11545

CVSS v3.1

4.3

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions GitLab Community Edition versions 11.9.x through 11.9.9 GitLab Community Edition versions 11.10.x through 11.10.1

Description An issue allows information disclosure when an issue is moved to a private project, leaking the private project namespace to unauthorized users with access to the original issue.

Recommendations For GitLab Community Edition versions 11.9.x through 11.9.9, update to version 11.9.10 or later. For GitLab Community Edition versions 11.10.x through 11.10.1, update to version 11.10.2 or later.

Exploit

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2019-11545

Affected Products

Gitlab

Gitlab Ce/Ee

PT-2019-12368 · Gitlab · Gitlab Ce/Ee+1

CVE-2019-11545

Weakness Enumeration

Related Identifiers

Affected Products

References · 6