4
CVSSv2

CVE-2019-19259

Published: 03/01/2020 Updated: 06/01/2020
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N

Vulnerability Summary

GitLab Enterprise Edition (EE) 11.3 and later up to and including 12.5 allows an Insecure Direct Object Reference (IDOR).

Vulnerability Trend

Affected Products

Vendor Product Versions
GitlabGitlab11.3.0, 11.3.1, 11.3.2, 11.3.3, 11.3.4, 11.3.5, 11.3.6, 11.3.7, 11.3.8, 11.3.9, 11.3.10, 11.3.11, 11.3.12, 11.3.13, 11.3.14, 11.4.0, 11.4.1, 11.4.2, 11.4.3, 11.4.4, 11.4.5, 11.4.6, 11.4.7, 11.4.8, 11.4.9, 11.4.10, 11.4.11, 11.4.12, 11.4.13, 11.4.14, 11.5.0, 11.5.1, 11.5.2, 11.5.3, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.5.10, 11.5.11, 11.6.0, 11.6.1, 11.6.2, 11.6.3, 11.6.4, 11.6.5, 11.6.6, 11.6.7, 11.6.8, 11.6.9, 11.6.10, 11.6.11, 11.7.0, 11.7.1, 11.7.2, 11.7.3, 11.7.4, 11.7.5, 11.7.6, 11.7.7, 11.7.8, 11.7.10, 11.7.11, 11.7.12, 11.8.0, 11.8.1, 11.8.2, 11.8.3, 11.8.4, 11.8.6, 11.8.7, 11.8.8, 11.8.9, 11.8.10, 11.9.0, 11.9.1, 11.9.2, 11.9.3, 11.9.4, 11.9.5, 11.9.6, 11.9.7, 11.9.8, 11.9.9, 11.9.10, 11.9.11, 11.9.12, 11.10.0, 11.10.1, 11.10.2, 11.10.3, 11.10.4, 11.10.5, 11.10.6, 11.10.7, 11.10.8, 11.11.0, 11.11.1, 11.11.2, 11.11.3, 11.11.4, 11.11.5, 11.11.6, 11.11.7, 11.11.8, 11.13.14, 12.0, 12.0.0, 12.0.1, 12.0.2, 12.0.3, 12.0.4, 12.0.6, 12.0.7, 12.0.8, 12.0.9, 12.1.0, 12.1.1, 12.1.2, 12.1.3, 12.1.4, 12.1.5, 12.1.6, 12.1.8, 12.1.9, 12.1.10, 12.1.11, 12.1.12, 12.1.13, 12.2.0, 12.2.1, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7, 12.3.0, 12.3.1, 12.3.2, 12.3.3, 12.4.0