admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-09-17 18:45:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2019/CVE-2019-115xx/CVE-2019-11549.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

195 lines
6.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2019-11549",
"sourceIdentifier": "cve@mitre.org",
"published": "2019-09-09T19:15:11.033",
"lastModified": "2024-11-21T04:21:19.570",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in GitLab Community and Enterprise Edition 9.x, 10.x, and 11.x before 11.8.9, 11.9.x before 11.9.10, and 11.10.x before 11.10.2. Gitaly has allows an information disclosure issue where HTTP/GIT credentials are included in logs on connection errors."
},
{
"lang": "es",
"value": "Se detect\u00f3 un problema en GitLab Community and Enterprise Edition versiones 9.x, 10.x y versiones 11.x anteriores a 11.8.9, versiones 11.9.x anteriores a 11.9.10 y versiones 11.10.x anteriores a 11.10.2. Gitaly permite un problema de divulgaci\u00f3n de informaci\u00f3n en el que las credenciales HTTP/GIT son incluidas en los registros de errores de conexi\u00f3n."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"baseScore": 4.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-532"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "9.0.0",
"versionEndIncluding": "9.3.7",
"matchCriteriaId": "A855DD8E-C4FD-4C93-9EC9-D2CEE9A36DE8"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "9.0.0",
"versionEndIncluding": "9.3.7",
"matchCriteriaId": "17EBDEFE-775B-4D7D-87CE-F3001276A385"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "10.0.0",
"versionEndIncluding": "10.8.7",
"matchCriteriaId": "90A2B0E7-9793-4CAB-B715-7000A0361C31"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "10.0.0",
"versionEndIncluding": "10.8.7",
"matchCriteriaId": "6F0E5540-3274-4ADF-8028-E3A4AD176661"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "11.0.0",
"versionEndExcluding": "11.8.9",
"matchCriteriaId": "237924B7-D373-40B6-BD51-25A5516B2144"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "11.0.0",
"versionEndExcluding": "11.8.9",
"matchCriteriaId": "5901A255-870F-4104-989B-CDE9E5DF519B"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "11.9.0",
"versionEndExcluding": "11.9.10",
"matchCriteriaId": "FE126900-2E77-4CF7-B0BE-5A065106D01C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "11.9.0",
"versionEndExcluding": "11.9.10",
"matchCriteriaId": "B6AF88DF-B327-459A-AD0D-E664423929D2"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"versionStartIncluding": "11.10.0",
"versionEndExcluding": "11.10.2",
"matchCriteriaId": "54B843C2-A346-4030-9A5B-2CCD36AC1668"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"versionStartIncluding": "11.10.0",
"versionEndExcluding": "11.10.2",
"matchCriteriaId": "1C74096E-1CBF-42FA-89B7-B1EC374967A8"
}
]
}
]
}
],
"references": [
{
"url": "https://about.gitlab.com/2019/04/29/security-release-gitlab-11-dot-10-dot-2-released/",
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/57779",
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
]
},
{
"url": "https://about.gitlab.com/2019/04/29/security-release-gitlab-11-dot-10-dot-2-released/",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
]
},
{
"url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/57779",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink