CVE-2019-19262 (NVD)

2020-01-03

GitLab Enterprise Edition (EE) 11.9 and later through 12.5 has Insecure Permissions.

Products Gitlab
Type Incorrect Authorization (CWE-863)
First patch - None (likely due to unavailable code)
Links https://about.gitlab.com/blog/categories/releases/
https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-2-released/