ghsa-83w3-58xf-86mr
Vulnerability from github
Published
2022-05-24 17:07
Modified
2022-05-24 17:07
Details
An access control issue exists in < 12.3.5, < 12.2.8, and < 12.1.14 for GitLab Community Edition (CE) and Enterprise Edition (EE) where private merge requests and issues would be disclosed with the Group Search feature provided by Elasticsearch integration
{ "affected": [], "aliases": [ "CVE-2019-15590" ], "database_specific": { "cwe_ids": [], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2020-01-28T03:15:00Z", "severity": "MODERATE" }, "details": "An access control issue exists in \u003c 12.3.5, \u003c 12.2.8, and \u003c 12.1.14 for GitLab Community Edition (CE) and Enterprise Edition (EE) where private merge requests and issues would be disclosed with the Group Search feature provided by Elasticsearch integration", "id": "GHSA-83w3-58xf-86mr", "modified": "2022-05-24T17:07:32Z", "published": "2022-05-24T17:07:32Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15590" }, { "type": "WEB", "url": "https://hackerone.com/reports/701144" }, { "type": "WEB", "url": "https://about.gitlab.com/releases/2019/10/07/security-release-gitlab-12-dot-3-dot-5-released" } ], "schema_version": "1.4.0", "severity": [] }
Loading...