CVE-2019-15728 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2019-15728 Interim 1 3 2021-06-09T13:36:46Z current 2021-05-30T14:31:22Z 2021-06-09T13:36:46Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2019-15728 An issue was discovered in GitLab Community and Enterprise Edition 10.1 through 12.2.1. Protections against SSRF attacks on the Kubernetes integration are insufficient, which could have allowed an attacker to request any local network resource accessible from the GitLab server. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings An issue was discovered in GitLab Community and Enterprise Edition 10.1 through 12.2.1. Protections against SSRF attacks on the Kubernetes integration are insufficient, which could have allowed an attacker to request any local network resource accessible from the GitLab server. CVE-2019-15728 moderate 5 AV:N/AC:L/Au:N/C:N/I:P/A:N