Information disclosure in Gitlab Community Edition - CVE-2019-15733
Published: September 16, 2019 / Updated: July 17, 2020
Vulnerability identifier: #VU30761
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2019-15733
CWE-ID: CWE-200
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: GitLab, Inc
Affected software:
Gitlab Community Edition
Gitlab Community Edition
Detailed vulnerability description
The vulnerability allows a remote authenticated user to gain access to sensitive information.
An issue was discovered in GitLab Community and Enterprise Edition 7.12 through 12.2.1. The specified default branch name could be exposed to unauthorized users.
How to mitigate CVE-2019-15733
Install update from vendor's website.