4 matches found
CVE-2019-19312
GitLab EE 8.14 through 12.5, 12.4.3, and 12.3.6 has Incorrect Access Control. After a project changed to private, previously forked repositories were still able to get information about the private project through the API...
CVE-2019-19312
creationtimestamp| type| source ---|---|--- 2024-03-19 14:46:32+00:00| seen| https://t.me/ctinow/211548...
CVE-2019-19312
GitLab EE 8.14 through 12.5, 12.4.3, and 12.3.6 has Incorrect Access Control. After a project changed to private, previously forked repositories were still able to get information about the private project through the API...
CVE-2019-19312
GitLab EE 8.14–12.5, 12.4.3, and 12.3.6 suffer from Incorrect Access Control: after a project is made private, forked repositories could still query the API to obtain information about the private project. Impact is information disclosure via the API; no exploit details are provided beyond this. ...