Unrated severityNVD Advisory· Published May 16, 2019· Updated Aug 4, 2024
CVE-2019-10112
CVE-2019-10112
Description
An issue was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. The construction of the HMAC key was insecurely derived.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6- GitLab/Community and Enterprise Editiondescription
- Range: before 11.7.8, 11.8.x before 11.8.4, 11.9.x before 11.9.2
- osv-coords4 versionspkg:apk/chainguard/gitlab-operatorpkg:apk/chainguard/gitlab-operator-chartspkg:apk/chainguard/gitlab-operator-compatpkg:apk/chainguard/gitlab-operator-fips
< 0+ 3 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
Patches
Vulnerability mechanics
References
3- about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/mitrex_refsource_MISC
- about.gitlab.com/blog/categories/releases/mitrex_refsource_MISC
- gitlab.com/gitlab-org/gitlab-ee/issues/9730mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.