{ "affected": [ { "ranges": [ { "database_specific": { "versions": [ { "introduced": "8.14.0" }, { "fixed": "12.0.8" }, { "introduced": "8.14.0" }, { "fixed": "12.0.8" }, { "introduced": "12.1.0" }, { "fixed": "12.1.8" }, { "introduced": "12.1.0" }, { "fixed": "12.1.8" }, { "introduced": "12.2.0" }, { "fixed": "12.2.3" }, { "introduced": "12.2.0" }, { "fixed": "12.2.3" } ] }, "events": [ { "introduced": "4ae57e0b374bbb8e461305d8a7a68b550bdd768d" }, { "fixed": "f24cca94101de4e53f2be08deba3a15254823808" }, { "introduced": "4ae57e0b374bbb8e461305d8a7a68b550bdd768d" }, { "fixed": "f24cca94101de4e53f2be08deba3a15254823808" }, { "introduced": "1f2e6f3f6d84b8eab5526acdd69c38f5b78c3b0e" }, { "fixed": "a9cdd7fb733c20e5f8790f71921cb6540b5ac92a" }, { "introduced": "1f2e6f3f6d84b8eab5526acdd69c38f5b78c3b0e" }, { "fixed": "a9cdd7fb733c20e5f8790f71921cb6540b5ac92a" }, { "introduced": "30032e00da906361c553a1eef4ffcd13378b43ee" }, { "fixed": "3a1dd80d30c720f1ba829178a698c3a34b7dfc25" }, { "introduced": "30032e00da906361c553a1eef4ffcd13378b43ee" }, { "fixed": "3a1dd80d30c720f1ba829178a698c3a34b7dfc25" } ], "repo": "https://gitlab.com/gitlab-org/gitlab", "type": "GIT" } ] } ], "details": "An issue was discovered in GitLab Community and Enterprise Edition 8.14 through 12.2.1. The Jira integration contains a SSRF vulnerability as a result of a bypass of the current protection mechanisms against this type of attack, which would allow sending requests to any resources accessible in the local network by the GitLab server.", "id": "CVE-2019-15730", "modified": "2026-03-13T21:49:57.309379319Z", "published": "2019-09-16T17:15:13.963Z", "references": [ { "type": "ADVISORY", "url": "https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released/" }, { "type": "REPORT", "url": "https://gitlab.com/gitlab-org/gitlab-ce/issues/61349" } ], "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "type": "CVSS_V3" } ] }