CVE-2019-9890

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2019-9890
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-9890.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2019-9890
Published
2019-04-17T17:29:01.600Z
Modified
2026-04-10T04:21:00.781022Z
Severity
  • 9.1 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVSS Calculator
Summary
[none]
Details

An issue was discovered in GitLab Community and Enterprise Edition 10.x and 11.x before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Insecure Permissions.

References

Affected packages

Git / gitlab.com/gitlab-org/gitlab

Affected ranges

Type
GIT
Repo
https://gitlab.com/gitlab-org/gitlab
Events
Introduced
235b8d50ad14e7cdf4bc61c3df070f38dee97974
Fixed
0a5900e492dd1a35f10af21f1c5d79de12484357
Introduced
235b8d50ad14e7cdf4bc61c3df070f38dee97974
Fixed
0a5900e492dd1a35f10af21f1c5d79de12484357
Introduced
c02f0d47774ac40ee0d1097d00d7980ef0c7012c
Fixed
126e6c8a24116a81dd36c5124ecaf187516445e3
Introduced
c02f0d47774ac40ee0d1097d00d7980ef0c7012c
Fixed
126e6c8a24116a81dd36c5124ecaf187516445e3
Introduced
002a28279f5b3fd229f929bb1f40eb7b5fc87ee9
Fixed
39d0b2ef98d4dfb79a86d185ae23cb1a67e689aa
Introduced
002a28279f5b3fd229f929bb1f40eb7b5fc87ee9
Fixed
39d0b2ef98d4dfb79a86d185ae23cb1a67e689aa
Database specific 
{
    "versions": [
        {
            "introduced": "10.0.0"
        },
        {
            "fixed": "11.6.10"
        },
        {
            "introduced": "10.0.0"
        },
        {
            "fixed": "11.6.10"
        },
        {
            "introduced": "11.7.0"
        },
        {
            "fixed": "11.7.6"
        },
        {
            "introduced": "11.7.0"
        },
        {
            "fixed": "11.7.6"
        },
        {
            "introduced": "11.8.0"
        },
        {
            "fixed": "11.8.1"
        },
        {
            "introduced": "11.8.0"
        },
        {
            "fixed": "11.8.1"
        }
    ]
}

Affected versions

v11.*
v11.7.0-ee
v11.7.1-ee
v11.7.2-ee
v11.7.3-ee
v11.7.4-ee
v11.7.5-ee
v11.8.0-ee

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-9890.json"