← Retour aux CVEs

CVE-2019-6792

MEDIUM

5.3

Description

An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It allows Path Disclosure. When an error is encountered on project import, the error message will display instance internal information.

Details CVE

Score CVSS v3.15.3

SeveriteMEDIUM

Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Vecteur d'attaqueNETWORK

ComplexiteLOW

Privileges requisNONE

Interaction utilisateurNONE

Publie9/9/2019

Derniere modification11/21/2024

Sourcenvd

Observations honeypot0

Produits affectes

gitlab:gitlab

Faiblesses (CWE)

CWE-209

References

https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/(cve@mitre.org)

https://gitlab.com/gitlab-org/gitlab-ce/issues/54867(cve@mitre.org)

https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/(af854a3a-2127-422b-91ae-364da2661108)

https://gitlab.com/gitlab-org/gitlab-ce/issues/54867(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.