GitLab EE, versions 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, is vulnerable to an insecure direct object reference vulnerability that allows authenticated, but unauthorized, users to view members and milestone details of private groups.
Metrics
Affected Vendors & Products
References
History
No history.
![cve-icon](/static/img/cve-icon.png)
Status: PUBLISHED
Assigner: mitre
Published: 2019-07-10T16:50:06
Updated: 2024-08-05T11:37:11.528Z
Reserved: 2018-11-26T00:00:00
Link: CVE-2018-19584
![cve-icon](/static/img/cisa-icon.png)
No data.
![cve-icon](/static/img/nvd-icon.png)
Status : Modified
Published: 2019-07-10T17:15:12.007
Modified: 2024-11-21T03:58:14.160
Link: CVE-2018-19584
![cve-icon](/static/img/redhat-icon.png)
No data.