CVE-2019-15592 - AskarLabs CVE Database

CVE-2019-15592

Vendor N/A

Product GitLab

Weakness CWE-200 · Info exposure

Published February 14, 2020

Last update August 5, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

GitLab 12.2.2 and below contains a security vulnerability that allows a guest user in a private project to see the merge request ID associated to an issue via the activity timeline.

Key dates

02Disclosure timeline

February 14, 2020 CVE published

August 5, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2019-15592 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/200.html

Related vulnerabilities

04Related CVE

CVE-2022-23546 Discourse vulnerable to private topic leak via email#send_digest CVE-2023-45147 Arbitrary keys can be added to a topic's custom fields by any user in Discourse CVE-2022-36074 Authentication headers exposed on by Nextcloud Server CVE-2024-43046 Information Exposure in TZ Secure OS CVE-2023-35934 yt-dlp File Downloader cookie leak