CVE-2019-5474

CVE-2019-5474

Vendor Gitlab

Product GitLab EE

Weakness CWE-284

Published January 28, 2020

Last update August 4, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

An authorization issue was discovered in GitLab EE < 12.1.2, < 12.0.4, and < 11.11.6 allowing the merge request approval rules to be overridden without appropriate permissions.

Key dates

02Disclosure timeline

January 28, 2020 CVE published

August 4, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2019-5474 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/284.html

Related vulnerabilities

Identifiers

CVE CVE-2019-5474

CWE CWE-284

Affected versions

Vendor Gitlab

Product GitLab EE

Affected before 12.1.2

Vendor Gitlab

Product GitLab EE

Affected before 12.0.4

Vendor Gitlab

Product GitLab EE

Affected before 11.11.6

01Description

02Disclosure timeline

03References

04Related CVE