What the vulnerability does

01Description

An IDOR vulnerability exists in GitLab <v12.1.2, <v12.0.4, and <v11.11.6 that allowed uploading files from project archive to replace other users files potentially allowing an attacker to replace project binaries or other uploaded assets.

Key dates

02Disclosure timeline

December 18, 2019 CVE published
August 4, 2024 Record updated

Related vulnerabilities

04Related CVE