Vulnerability Database

290,206

Total vulnerabilities in the database

CVE-2019-6960

An issue was discovered in GitLab Community and Enterprise Edition 9.x, 10.x, and 11.x before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Incorrect Access Control. Access to the internal wiki is permitted when an external wiki service is enabled.

  • Published: Sep 9, 2019
  • Updated: Apr 13, 2023
  • CVE: CVE-2019-6960
  • Severity: Critical
  • Exploit:

CVSS v3:

  • Severity: Critical
  • Score: 9.8
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
gitlab / gitlab 11.7.0 11.7.1
gitlab / gitlab 11.6.0 11.6.6
gitlab / gitlab 11.0.0 11.5.8
gitlab / gitlab 10.0.0 10.8.7.x
gitlab / gitlab 9.3.0 9.3.7.x