CVE-2019-15734

MEDIUM

Description

An issue was discovered in GitLab Community and Enterprise Edition 8.6 through 12.2.1. Under very specific conditions, commit titles and team member comments could become viewable to users who did not have permission to access these.

References

https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released/

https://gitlab.com/gitlab-org/gitlab-ce/issues/64711

Details

Source: MITRE

Published: 2019-09-16

Updated: 2019-09-18

Type: CWE-200

Risk Information

CVSS v2.0

Base Score: 4

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 8

Severity: MEDIUM