CVE-2019-12825

CVE-2019-12825

Unauthorized Access to the Container Registry of other groups was discovered in GitLab Enterprise 12.0.0-pre. In other words, authenticated remote attackers can read Docker registries of other groups. When a legitimate user changes the path of a group, Docker registries are not adapted, leaving them in the old namespace. They are not protected and are available to all other users with no previous access to the repo.

Source: CVE-2019-12825

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다