CVE-2018-19575 (retired)

Priority
Description
GitLab CE/EE, versions 10.1 up to 11.x before 11.3.11, 11.4 before 11.4.8,
and 11.5 before 11.5.1, are vulnerable to an insecure direct object
reference issue that allows a user to make comments on a locked issue.
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
More Information

Updated: 2019-08-23 09:32:36 UTC (commit 436fd4ed4cf0038ddd382cb8649607ace163dda7)