Description
An input validation problem was discovered in the GitHub service integration which could result in an attacker being able to make arbitrary POST requests in a GitLab instance's internal network. This vulnerability was addressed in 12.1.2, 12.0.4, and 11.11.6.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| n/a | GitLab Community Edition | affected |
|
Configuration 1 [-]
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2019-15043 | An input validation problem was discovered in the GitHub service integration which could result in an attacker being able to make arbitrary POST requests in a GitLab instance's internal network. This vulnerability was addressed in 12.1.2, 12.0.4, and 11.11.6. |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: hackerone
Published:
Updated: 2024-08-04T19:54:53.487Z
Reserved: 2019-01-04T00:00:00.000Z
Link: CVE-2019-5461
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-09-09T17:15:14.003
Modified: 2024-11-21T04:44:58.737
Link: CVE-2019-5461
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses