Improper Access Control Vulnerability in GitLab <12.3.3 Allows Unauthorized Access to Container and Dependency Scanning Reports
CVE-2019-15591 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
An improper access control vulnerability exists in GitLab <12.3.3 that allows an attacker to obtain container and dependency scanning reports through the merge request widget even though public pipelines were disabled.
Learn more about our Web Application Penetration Testing UK.