CVE-2019-5466 (NVD)- Vulnerability Info (edit)
An IDOR was discovered in GitLab CE/EE 11.5 and later that allowed new merge requests endpoint to disclose label names.
Information Exposure (CWE-200)
|First patch||- None (likely due to unavailable code)|
No patch was assigned yet.