EUVD-2019-6545

Malware in sbrugna...

CVE-2019-15577

An information disclosure vulnerability exists in GitLab CE/EE...

CVE-2019-15577

An information disclosure vulnerability exists in GitLab CE/EE v12.3.2, v12.2.6, and v12.1.12 that allowed project milestones to be disclosed via groups browsing...

CVE-2019-15577

An information disclosure vulnerability exists in GitLab CE/EE v12.3.2, v12.2.6, and v12.1.12 that allowed project milestones to be disclosed via groups browsing...

Information disclosure

An information disclosure vulnerability exists in GitLab CE/EE v12.3.2, v12.2.6, and v12.1.12 that allowed project milestones to be disclosed via groups browsing...

CVE-2019-15577

An information disclosure vulnerability exists in GitLab CE/EE v12.3.2, v12.2.6, and v12.1.12 that allowed project milestones to be disclosed via groups browsing...

CVE-2019-15577

Removed by vendor...

CVE-2018-19496

An issue was discovered in GitLab Community and Enterprise Edition 10.x and 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. There is an incorrect access control vulnerability that permits a user with insufficient privileges to promote a project milestone to a group milestone...

GitLab: Project Milestones Disclosed Via Groups When the Victim disabled milestones access in project settings

Reproduction steps: Create a public group and public project. Go to public project settings and disable the project settings to members only. F522796 If the attacker visits milestones via projects then may see 404 not found page...