CVE-2019-6793

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2019-6793

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-6793.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-6793

Published

2019-09-09T20:15:12.120Z

Modified

2026-03-14T02:22:59.948015Z

Severity

7.0 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L CVSS Calculator

Summary

[none]

Details

An issue was discovered in GitLab Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. The Jira integration feature is vulnerable to an unauthenticated blind SSRF issue.

References

Affected packages

Git / gitlab.com/gitlab-org/gitlab

Affected ranges

Type

GIT

Repo

https://gitlab.com/gitlab-org/gitlab

Events

Introduced

235b8d50ad14e7cdf4bc61c3df070f38dee97974

Fixed

abfb287f424b28a64807bf9ba12c4a909e8d9f86

Introduced

4c09765c6424a96be7c7ae7707db3bda4e9c4ab4

Fixed

e9c988e44da4af7bf7a3f01edc7eb1eccb348ff5

Introduced

c02f0d47774ac40ee0d1097d00d7980ef0c7012c

Fixed

51b69167426f1a15449328d5221a96d7306d7fc5

Database specific

{
    "versions": [
        {
            "introduced": "10.0.0"
        },
        {
            "fixed": "11.5.8"
        },
        {
            "introduced": "11.6.0"
        },
        {
            "fixed": "11.6.6"
        },
        {
            "introduced": "11.7.0"
        },
        {
            "fixed": "11.7.1"
        }
    ]
}

Affected versions

v11.*

v11.6.0-ee

v11.6.1-ee

v11.6.2-ee

v11.6.3-ee

v11.6.4-ee

v11.6.5-ee

v11.7.0-ee

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-6793.json"