CVE-2019-5469

Summary

An IDOR vulnerability exists in GitLab <v12.1.2, <v12.0.4, and <v11.11.6 that allowed uploading files from project archive to replace other users files potentially allowing an attacker to replace project binaries or other uploaded assets.

Affected Software

VendorProductVersion RangeStatus
n/aGitLabFixed versions 12.1.2, 12.0.4, and 11.11.6affected

Weaknesses

  • CWE-639: Insecure Direct Object Reference (IDOR) (CWE-639)

ADP Enrichment

CVE Program Container

Additional References

References