Vulnerability Details CVE-2019-5463
An authorization issue was discovered in the GitLab CE/EE CI badge images endpoint which could result in disclosure of the build status. This vulnerability was addressed in 12.1.2, 12.0.4, and 11.11.6.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 24.1%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
Products affected by CVE-2019-5463
-
cpe:2.3:a:gitlab:gitlab:11.11.0
-
cpe:2.3:a:gitlab:gitlab:11.11.1
-
cpe:2.3:a:gitlab:gitlab:11.11.2
-
cpe:2.3:a:gitlab:gitlab:11.11.3
-
cpe:2.3:a:gitlab:gitlab:11.11.4
-
cpe:2.3:a:gitlab:gitlab:11.11.5
-
cpe:2.3:a:gitlab:gitlab:11.11.6
-
cpe:2.3:a:gitlab:gitlab:12.0.0
-
cpe:2.3:a:gitlab:gitlab:12.0.1
-
cpe:2.3:a:gitlab:gitlab:12.0.2
-
cpe:2.3:a:gitlab:gitlab:12.0.3
-
cpe:2.3:a:gitlab:gitlab:12.1.0
-
cpe:2.3:a:gitlab:gitlab:12.1.1