CVE-2019-13011

2020-03-10T18:15:00
ID CVE-2019-13011
Type cve
Reporter cve@mitre.org
Modified 2020-03-13T15:38:00

Description

An issue was discovered in GitLab Enterprise Edition 8.11.0 through 12.0.2. By using brute-force a user with access to a project, but not it's repository could create a list of merge requests template names. It has excessive algorithmic complexity.