Vulnerability Details CVE-2019-11545
An issue was discovered in GitLab Community Edition 11.9.x before 11.9.10 and 11.10.x before 11.10.2. It allows Information Disclosure. When an issue is moved to a private project, the private project namespace is leaked to unauthorized users with access to the original issue.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 17.2%
CVSS Severity
CVSS v3 Score 4.3
CVSS v2 Score 4.0
References
Products affected by CVE-2019-11545
-
cpe:2.3:a:gitlab:gitlab:11.10.0
-
cpe:2.3:a:gitlab:gitlab:11.10.1
-
cpe:2.3:a:gitlab:gitlab:11.9.0
-
cpe:2.3:a:gitlab:gitlab:11.9.1
-
cpe:2.3:a:gitlab:gitlab:11.9.2
-
cpe:2.3:a:gitlab:gitlab:11.9.3
-
cpe:2.3:a:gitlab:gitlab:11.9.4
-
cpe:2.3:a:gitlab:gitlab:11.9.5
-
cpe:2.3:a:gitlab:gitlab:11.9.6
-
cpe:2.3:a:gitlab:gitlab:11.9.7
-
cpe:2.3:a:gitlab:gitlab:11.9.8
-
cpe:2.3:a:gitlab:gitlab:11.9.9