CVE-2019-12433 — Improper Input Validation in Gitlab
Severity
5.3MEDIUMNVD
EPSS
0.1%
top 78.01%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 10
Latest updateMay 24
Description
An issue was discovered in GitLab Community and Enterprise Edition 11.7 through 11.11. It has Improper Input Validation. Restricted visibility settings allow creating internal projects in private groups, leading to multiple permission issues.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 3.9 | Impact: 1.4
Affected Packages3 packages
🔴Vulnerability Details
1GHSA▶
GHSA-gpxf-jmjf-rr7p: An issue was discovered in GitLab Community and Enterprise Edition 11↗2022-05-24
📋Vendor Advisories
2GitLab▶
CVE-2019-12433: An issue was discovered in GitLab Community and Enterprise Edition 11.7 through 11.11. It has Improper Input Validation. Restricted visibility setting↗2020-03-10
Debian▶
CVE-2019-12433: gitlab - An issue was discovered in GitLab Community and Enterprise Edition 11.7 through ...↗2019