What the vulnerability does
01Description
An improper access control vulnerability exists in Gitlab EE <v12.3.3, <v12.2.7, & <v12.1.13 that allowed the group search feature with Elasticsearch to return private code, merge requests and commits.
CVSS base score
—
Key dates
02Disclosure timeline
December 18, 2019
CVE published
August 4, 2024
Record updated
External resources
03References
Related vulnerabilities
