CVE-2019-15591

Summary

An improper access control vulnerability exists in GitLab <12.3.3 that allows an attacker to obtain container and dependency scanning reports through the merge request widget even though public pipelines were disabled.

Affected Software

VendorProductVersion RangeStatus
n/aGitLab12.3.3affected

Weaknesses

  • CWE-284: Improper Access Control - Generic (CWE-284)

ADP Enrichment

CVE Program Container

Additional References

References