First published: Mon Sep 16 2019(Updated: )
An issue was discovered in GitLab Community and Enterprise Edition through 12.2.1. Embedded images and media files in markdown could be pointed to an arbitrary server, which would reveal the IP address of clients requesting the file from that server.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
GitLab GitLab | <12.0.8 | |
GitLab GitLab | <12.0.8 | |
GitLab GitLab | >=12.1.0<12.1.8 | |
GitLab GitLab | >=12.1.0<12.1.8 | |
GitLab GitLab | >=12.2.0<12.2.3 | |
GitLab GitLab | >=12.2.0<12.2.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.