CVE-2019-14942

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2019-14942
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-14942.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2019-14942
Related
Published
2023-04-16T00:15:07.190Z
Modified
2026-03-13T00:44:10.157164Z
Severity
  • 5.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

An issue was discovered in GitLab Community and Enterprise Edition before 11.11.8, 12 before 12.0.6, and 12.1 before 12.1.6. Cookies for GitLab Pages (which have access control) could be sent over cleartext HTTP.

References

Affected packages

Git / gitlab.com/gitlab-org/gitlab

Affected ranges

Type
GIT
Repo
https://gitlab.com/gitlab-org/gitlab
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
e2d0c51ffc5960df2000d0e06f49389bf71740a0
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
e2d0c51ffc5960df2000d0e06f49389bf71740a0
Introduced
3b13818e8330f68625d80d9bf5d8049c41fbe197
Fixed
a10ca0aa5fd74399bb29d9ec962e67ae08fce8c1
Introduced
3b13818e8330f68625d80d9bf5d8049c41fbe197
Fixed
a10ca0aa5fd74399bb29d9ec962e67ae08fce8c1
Introduced
1f2e6f3f6d84b8eab5526acdd69c38f5b78c3b0e
Fixed
d05ee0a9c1251eb41a468299bcc08c5716ade178
Introduced
1f2e6f3f6d84b8eab5526acdd69c38f5b78c3b0e
Fixed
d05ee0a9c1251eb41a468299bcc08c5716ade178
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "11.11.8"
        },
        {
            "introduced": "0"
        },
        {
            "fixed": "11.11.8"
        },
        {
            "introduced": "12.0.0"
        },
        {
            "fixed": "12.0.6"
        },
        {
            "introduced": "12.0.0"
        },
        {
            "fixed": "12.0.6"
        },
        {
            "introduced": "12.1.0"
        },
        {
            "fixed": "12.1.6"
        },
        {
            "introduced": "12.1.0"
        },
        {
            "fixed": "12.1.6"
        }
    ]
}

Affected versions

v12.*
v12.0.0-ee
v12.0.1-ee
v12.0.2-ee
v12.0.3-ee
v12.0.4-ee
v12.1.0-ee
v12.1.1-ee
v12.1.2-ee
v12.1.3-ee
v12.1.4-ee

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-14942.json"