CVE-2019-19257 (NVD)

2020-01-03

GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 has Incorrect Access Control (issue 1 of 2).

Products Gitlab
Type Information Exposure (CWE-200)
First patch - None (likely due to unavailable code)
Links https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
https://about.gitlab.com/blog/categories/releases/