CVE-2019-18462 — Incorrect Permission Assignment in Gitlab
CWE-732 — Incorrect Permission AssignmentCWE-269 — Improper Privilege Management4 documents4 sources
Severity
4.3MEDIUMNVD
EPSS
0.1%
top 78.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedNov 26
Latest updateMay 24
Description
An issue was discovered in GitLab Community and Enterprise Edition 11.3 through 12.4. It has Insecure Permissions.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 2.8 | Impact: 1.4
Affected Packages3 packages
🔴Vulnerability Details
1GHSA▶
GHSA-w772-f4fj-g5xq: An issue was discovered in GitLab Community and Enterprise Edition 11↗2022-05-24