CVE-2018-19494

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2018-19494

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-19494.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-19494

Published

2019-07-10T15:15:11Z

Modified

2025-02-19T02:59:38.629437Z

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

An issue was discovered in GitLab Community and Enterprise Edition 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1. There is an incorrect access vulnerability that allows an unauthorized user to view private group names.

References

Affected packages

Git / gitlab.com/gitlab-org/gitlab

Affected ranges

Type: GIT
Repo: https://gitlab.com/gitlab-org/gitlab
Events: Introduced

c6f72ac9a88521257991aa9a0cc6d558126f5bb9

Fixed

97bf583178874e2617c347c33ca30b9b33b97402

Affected versions

v11.*

v11.0.0.pre

v11.1.0.pre

v11.2.0.pre

v11.3.0-ee

v11.3.0-rc1

v11.3.0-rc1-ee

v11.3.0-rc10-ee

v11.3.0-rc11-ee

v11.3.0-rc2

v11.3.0-rc2-ee

v11.3.0-rc3

v11.3.0-rc3-ee

v11.3.0-rc4

v11.3.0-rc4-ee

v11.3.0-rc5

v11.3.0-rc5-ee

v11.3.0-rc6

v11.3.0-rc6-ee

v11.3.0-rc7-ee

v11.3.0-rc8-ee

v11.3.0-rc9-ee

v11.3.0.pre

v11.3.1-ee

v11.3.10-ee

v11.3.2-ee

v11.3.3-ee

v11.3.4-ee

v11.3.5-ee

v11.3.6-ee

v11.3.7-ee

v11.3.8-ee

v11.3.9-ee

v6.*

v6.0.0-ee

v6.0.0-ee.beta

v6.0.0-ee.rc1

v6.1.0-ee

v6.2.1

v6.2.2

v6.3.0-ee

v6.3.1-ee

v6.4.0-ee

v6.4.1

v6.4.2

v6.4.3

v6.5.0-ee

v6.5.1

v6.6.0-ee

v6.6.1

v6.6.2

v6.7.0-ee

v6.7.0.rc1-ee

v6.7.1

v6.7.2

v6.8.0-ee

v6.8.1

v7.*

v7.0.0-ee

v7.1.0-ee

v7.1.0.rc1-ee

v7.2.0.rc1-ee

v7.2.0.rc2-ee

v7.2.0.rc3-ee

v7.2.0.rc4-ee

v7.2.0.rc5-ee

v7.3.0-ee

v7.3.0.rc1-ee

v7.4.0-ee

v7.4.1-ee

v7.4.2-ee

v7.4.3-ee

v7.4.4-ee

v8.*

v8.11.0

v8.11.0-ee

v8.11.0-rc1

v8.11.0-rc1-ee

v8.11.0-rc2

v8.11.0-rc2-ee

v8.11.0-rc3

v8.11.0-rc3-ee

v8.11.0-rc4

v8.11.0-rc4-ee

v8.11.0-rc5

v8.11.0-rc5-ee

v8.11.0-rc6

v8.11.0-rc6-ee

v8.11.0-rc7

v8.11.0-rc7-ee

v8.11.1

v8.12.0

v8.12.0-ee

v8.12.0-rc1

v8.12.0-rc1-ee

v8.12.0-rc2

v8.12.0-rc2-ee

v8.12.0-rc3

v8.12.0-rc3-ee

v8.12.0-rc4

v8.12.0-rc4-ee

v8.12.0-rc5

v8.12.0-rc5-ee

v8.12.0-rc6

v8.12.0-rc6-ee

v8.12.0-rc7

v8.12.0-rc7-ee

v8.12.0.pre

v8.12.1

v8.12.1-ee

v8.12.2

v8.12.2-ee

v8.12.3-ee

v8.2.0-ee

v8.2.0.rc1

v8.2.0.rc1-ee

v8.2.0.rc2

v8.2.0.rc2-ee

v8.8.0

v8.8.0-ee

v8.8.0-rc1

v8.8.0-rc1-ee

v8.8.0-rc2

v8.8.0-rc2-ee

v8.8.1-ee