CVE-2019-15592
CVE-2019-15592
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 1.0%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
14 Feb 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
GitLab 12.2.2 and below contains a security vulnerability that allows a guest user in a private project to see the merge request ID associated to an issue via the activity timeline.
Affected products
n/a · GitLabWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →