Lucene search

Ubuntu.comUB:CVE-2019-6792

HistorySep 09, 2019 - 12:00 a.m.

CVE-2019-6792

2019-09-0900:00:00

ubuntu.com

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS

0.001

Percentile

46.4%

JSON

An issue was discovered in GitLab Community and Enterprise Edition before
11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It allows Path
Disclosure. When an error is encountered on project import, the error
message will display instance internal information.

Notes

Author	Note
msalvatore	Affects GitLab 8.9 and later.

References

about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/

launchpad.net/bugs/cve/CVE-2019-6792

nvd.nist.gov/vuln/detail/CVE-2019-6792

security-tracker.debian.org/tracker/CVE-2019-6792

www.cve.org/CVERecord?id=CVE-2019-6792

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

EPSS

0.001

Percentile

46.4%

JSON

Related for UB:CVE-2019-6792