CVE-2019-19312

2020-01-05T22:15:00
ID CVE-2019-19312
Type cve
Reporter cve@mitre.org
Modified 2020-01-09T20:18:00

Description

GitLab EE 8.14 through 12.5, 12.4.3, and 12.3.6 has Incorrect Access Control. After a project changed to private, previously forked repositories were still able to get information about the private project through the API.