Back to search
CVE-2019-5462
Published: Jan 28, 2020
Modified: Aug 4, 2024
PUBLISHED
Description
A privilege escalation issue was discovered in GitLab CE/EE 9.0 and later when trigger tokens are not rotated once ownership of them has changed.
| Vendor | Product | Versions |
|---|---|---|
GitLab | GitLab Community Edition and GitLab Enterprise Edition | affected Affects GitLab CE/EE 9.0 and lateraffected Fixed in 12.1.2 in 12.0.4 and in 11.11.6 |
References
https://hackerone.com/reports/495282
x_refsource_MISC
https://gitlab.com/gitlab-org/gitlab-ce/issues/58312
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now