Vulnerability Database

290,020

Total vulnerabilities in the database

CVE-2019-15726

An issue was discovered in GitLab Community and Enterprise Edition through 12.2.1. Embedded images and media files in markdown could be pointed to an arbitrary server, which would reveal the IP address of clients requesting the file from that server.

  • Published: Sep 16, 2019
  • Updated: Apr 13, 2023
  • CVE: CVE-2019-15726
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.3
  • AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Software From Fixed in
gitlab / gitlab 12.2.0 12.2.3
gitlab / gitlab 12.1.0 12.1.8
gitlab / gitlab - 12.0.8