{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in GitLab Community and Enterprise Edition 9.x, 10.x, and 11.x before 11.8.9, 11.9.x before 11.9.10, and 11.10.x before 11.10.2. Gitaly has allows an information disclosure issue where HTTP/GIT credentials are included in logs on connection errors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-09-09T18:54:19", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://about.gitlab.com/2019/04/29/security-release-gitlab-11-dot-10-dot-2-released/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/57779"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-11549", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in GitLab Community and Enterprise Edition 9.x, 10.x, and 11.x before 11.8.9, 11.9.x before 11.9.10, and 11.10.x before 11.10.2. Gitaly has allows an information disclosure issue where HTTP/GIT credentials are included in logs on connection errors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://about.gitlab.com/2019/04/29/security-release-gitlab-11-dot-10-dot-2-released/", "refsource": "CONFIRM", "url": "https://about.gitlab.com/2019/04/29/security-release-gitlab-11-dot-10-dot-2-released/"}, {"name": "https://gitlab.com/gitlab-org/gitlab-ce/issues/57779", "refsource": "CONFIRM", "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/57779"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T22:55:40.960Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://about.gitlab.com/2019/04/29/security-release-gitlab-11-dot-10-dot-2-released/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/57779"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-11549", "datePublished": "2019-09-09T18:54:19", "dateReserved": "2019-04-25T00:00:00", "dateUpdated": "2024-08-04T22:55:40.960Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "matchCriteriaId": "A855DD8E-C4FD-4C93-9EC9-D2CEE9A36DE8", "versionEndIncluding": "9.3.7", "versionStartIncluding": "9.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "17EBDEFE-775B-4D7D-87CE-F3001276A385", "versionEndIncluding": "9.3.7", "versionStartIncluding": "9.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "matchCriteriaId": "90A2B0E7-9793-4CAB-B715-7000A0361C31", "versionEndIncluding": "10.8.7", "versionStartIncluding": "10.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "6F0E5540-3274-4ADF-8028-E3A4AD176661", "versionEndIncluding": "10.8.7", "versionStartIncluding": "10.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "matchCriteriaId": "237924B7-D373-40B6-BD51-25A5516B2144", "versionEndExcluding": "11.8.9", "versionStartIncluding": "11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "5901A255-870F-4104-989B-CDE9E5DF519B", "versionEndExcluding": "11.8.9", "versionStartIncluding": "11.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "matchCriteriaId": "FE126900-2E77-4CF7-B0BE-5A065106D01C", "versionEndExcluding": "11.9.10", "versionStartIncluding": "11.9.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "B6AF88DF-B327-459A-AD0D-E664423929D2", "versionEndExcluding": "11.9.10", "versionStartIncluding": "11.9.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "matchCriteriaId": "54B843C2-A346-4030-9A5B-2CCD36AC1668", "versionEndExcluding": "11.10.2", "versionStartIncluding": "11.10.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "1C74096E-1CBF-42FA-89B7-B1EC374967A8", "versionEndExcluding": "11.10.2", "versionStartIncluding": "11.10.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in GitLab Community and Enterprise Edition 9.x, 10.x, and 11.x before 11.8.9, 11.9.x before 11.9.10, and 11.10.x before 11.10.2. Gitaly has allows an information disclosure issue where HTTP/GIT credentials are included in logs on connection errors."}, {"lang": "es", "value": "Se detect\u00f3 un problema en GitLab Community and Enterprise Edition versiones 9.x, 10.x y versiones 11.x anteriores a 11.8.9, versiones 11.9.x anteriores a 11.9.10 y versiones 11.10.x anteriores a 11.10.2. Gitaly permite un problema de divulgaci\u00f3n de informaci\u00f3n en el que las credenciales HTTP/GIT son incluidas en los registros de errores de conexi\u00f3n."}], "id": "CVE-2019-11549", "lastModified": "2024-11-21T04:21:19.570", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-09-09T19:15:11.033", "references": [{"source": "cve@mitre.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://about.gitlab.com/2019/04/29/security-release-gitlab-11-dot-10-dot-2-released/"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Vendor Advisory"], "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/57779"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://about.gitlab.com/2019/04/29/security-release-gitlab-11-dot-10-dot-2-released/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/57779"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-532"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}