CVE-2019-5465 - AskarLabs CVE Database

CVE-2019-5465

Vendor Gitlab

Product GitLab CE/EE

Weakness CWE-200 · Info exposure

Published January 28, 2020

Last update August 4, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

An information disclosure issue was discovered in GitLab CE/EE 8.14 and later, by using the move issue feature which could result in disclosure of the newly created issue ID.

Key dates

02Disclosure timeline

January 28, 2020 CVE published

August 4, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2019-5465 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/200.html

Related vulnerabilities

04Related CVE

CVE-2026-0717 LottieFiles – Lottie block for Gutenberg <= 3.0.0 - Unauthenticated Sensitive Information Exposure CVE-2023-1775 Unsanitized events sent over Websocket to regular users in a High Availability environment CVE-2026-40374 Microsoft Power Automate Desktop Information Disclosure Vulnerability CVE-2021-24948 The Plus Addons for Elementor Pro < 5.0.7 - Sensitive Data Disclosure CVE-2023-4177 EmpowerID Multi-Factor Authentication Code information disclosure

Identifiers

CVE CVE-2019-5465

CWE CWE-200

Affected versions

Vendor Gitlab

Product GitLab CE/EE

Affected Affects GitLab CE/EE 8.14 and later

Vendor Gitlab

Product GitLab CE/EE

Affected Fixed in 12.1.2 in 12.0.4 and in 11.11.6