Unrated severityNVD Advisory· Published Dec 18, 2019· Updated Aug 5, 2024

CVE-2019-15576

Description

An information disclosure vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12 that allowed an attacker to view private system notes from a GraphQL endpoint.

Affected products

GitLab/GitLab CE/EEdescription
GitLab Inc./CE/EEllm-fuzzy
Range: <12.3.2, <12.2.6, <12.1.12
osv-coords4 versions
pkg:apk/chainguard/gitlab-operator pkg:apk/chainguard/gitlab-operator-charts pkg:apk/chainguard/gitlab-operator-compat pkg:apk/chainguard/gitlab-operator-fips
< 0+ 3 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

hackerone.com/reports/633001mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000