VYPR
Unrated severityNVD Advisory· Published Jan 28, 2020· Updated Aug 5, 2024

CVE-2019-15581

CVE-2019-15581

Description

An IDOR exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) that allowed a project owner or maintainer to see the members of any private group via merge request approval rules.

Affected products

2
  • GitLab Inc./GitLabllm-fuzzy2 versions
    <12.3.2, <12.2.6, <12.1.12+ 1 more
    • (no CPE)range: <12.3.2, <12.2.6, <12.1.12
    • (no CPE)range: before 12.3.2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.