GitLab CVE-2018-19575 Security Vulnerability



GitLab is prone to a security vulnerability.

Attackers can exploit this issue to make comments on a locked issue. This may aid in further attacks.

Information

Bugtraq ID: 109121
Class: Access Validation Error
CVE: CVE-2018-19575

Remote: Yes
Local: No
Published: Jul 10 2019 12:00AM
Updated: Jul 10 2019 12:00AM
Credit: James Ritchey
Vulnerable: Gitlab GitLab Enterprise Edition 11.5
Gitlab GitLab Enterprise Edition 11.4
Gitlab GitLab Enterprise Edition 11.3
Gitlab GitLab Enterprise Edition 10.1
Gitlab GitLab Community Edition 11.5
Gitlab GitLab Community Edition 11.4
Gitlab GitLab Community Edition 11.3
Gitlab GitLab Community Edition 10.1


Not Vulnerable: Gitlab GitLab Enterprise Edition 11.5.1
Gitlab GitLab Enterprise Edition 11.4.8
Gitlab GitLab Enterprise Edition 11.3.11
Gitlab GitLab Community Edition 11.5.1
Gitlab GitLab Community Edition 11.4.8
Gitlab GitLab Community Edition 11.3.11


Exploit


The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.

