CVE-2019-12430
N/A
N/A
Summary
An issue was discovered in GitLab Community and Enterprise Edition 11.11. A specially crafted payload would allow an authenticated malicious user to execute commands remotely through the repository download feature. It allows Command Injection.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://about.gitlab.com/blog/categories/releases/
- https://about.gitlab.com/releases/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
References
- https://about.gitlab.com/blog/categories/releases/
- https://about.gitlab.com/releases/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.