CVE-2019-19309 (NVD)

2020-01-03

GitLab Enterprise Edition (EE) 8.90 and later through 12.5 has Incorrect Access Control.

Products Gitlab
Type Information Exposure (CWE-200)
First patch - None (likely due to unavailable code)
Links https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
https://about.gitlab.com/blog/categories/releases/