CVE-2019-6240Path Traversal in Gitlab

CWE-22Path Traversal4 documents4 sources
Severity
7.5HIGHNVD
EPSS
0.1%
top 68.66%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
GitlabDebian Gitlab
Timeline
PublishedMar 25
Latest updateMay 14

Description

An issue was discovered in GitLab Community and Enterprise Edition before 11.4. It allows Directory Traversal.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

NVDgitlab/gitlab< 11.4.0
debiandebian/gitlab< gitlab 11.5.7+dfsg-1 (sid)
gitlabgitlab/gitlab

🔴Vulnerability Details

1
GHSA
GHSA-2w2f-9xfg-pc7q: An issue was discovered in GitLab Community and Enterprise Edition before 112022-05-14

📋Vendor Advisories

2
GitLab
CVE-2019-6240: An issue was discovered in GitLab Community and Enterprise Edition before 11.4. It allows Directory Traversal.2019-03-25
Debian
CVE-2019-6240: gitlab - An issue was discovered in GitLab Community and Enterprise Edition before 11.4. ...2019