CVE-2019-9732

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2019-9732
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-9732.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2019-9732
Published
2019-05-29T17:29:00.570Z
Modified
2026-04-10T04:20:57.287805Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

An issue was discovered in GitLab Community and Enterprise Edition 10.x (starting from 10.8) and 11.x before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control.

References

Affected packages

Git / gitlab.com/gitlab-org/gitlab

Affected ranges

Type
GIT
Repo
https://gitlab.com/gitlab-org/gitlab
Events
Introduced
342f33beb2ce090cfabfd0a5e7327b78d04588bb
Last affected
075705a5f3bd9748d92cf48073bfe9e79b58f385
Introduced
342f33beb2ce090cfabfd0a5e7327b78d04588bb
Last affected
075705a5f3bd9748d92cf48073bfe9e79b58f385
Introduced
c6f72ac9a88521257991aa9a0cc6d558126f5bb9
Fixed
0a5900e492dd1a35f10af21f1c5d79de12484357
Introduced
c6f72ac9a88521257991aa9a0cc6d558126f5bb9
Fixed
0a5900e492dd1a35f10af21f1c5d79de12484357
Introduced
c02f0d47774ac40ee0d1097d00d7980ef0c7012c
Fixed
126e6c8a24116a81dd36c5124ecaf187516445e3
Introduced
c02f0d47774ac40ee0d1097d00d7980ef0c7012c
Fixed
126e6c8a24116a81dd36c5124ecaf187516445e3
Introduced
002a28279f5b3fd229f929bb1f40eb7b5fc87ee9
Fixed
39d0b2ef98d4dfb79a86d185ae23cb1a67e689aa
Introduced
002a28279f5b3fd229f929bb1f40eb7b5fc87ee9
Fixed
39d0b2ef98d4dfb79a86d185ae23cb1a67e689aa
Database specific 
{
    "versions": [
        {
            "introduced": "10.8.0"
        },
        {
            "last_affected": "10.8.7"
        },
        {
            "introduced": "10.8.0"
        },
        {
            "last_affected": "10.8.7"
        },
        {
            "introduced": "11.0.0"
        },
        {
            "fixed": "11.6.10"
        },
        {
            "introduced": "11.0.0"
        },
        {
            "fixed": "11.6.10"
        },
        {
            "introduced": "11.7.0"
        },
        {
            "fixed": "11.7.6"
        },
        {
            "introduced": "11.7.0"
        },
        {
            "fixed": "11.7.6"
        },
        {
            "introduced": "11.8.0"
        },
        {
            "fixed": "11.8.1"
        },
        {
            "introduced": "11.8.0"
        },
        {
            "fixed": "11.8.1"
        }
    ]
}

Affected versions

v11.*
v11.7.0-ee
v11.7.1-ee
v11.7.2-ee
v11.7.3-ee
v11.7.4-ee
v11.7.5-ee
v11.8.0-ee

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-9732.json"