CVE-2019-15580
N/A
N/A
Summary
An information exposure vulnerability exists in gitlab.com <v12.3.2, <v12.2.6, and <v12.1.10 when using the blocking merge request feature, it was possible for an unauthenticated user to see the head pipeline data of a public project even though pipeline visibility was restricted.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | gitlab.com | 12.3.2, 12.2.6, and 12.1.10 | affected |
Weaknesses
- CWE-201: Information Exposure Through Sent Data (CWE-201)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.