Note:
This project will be discontinued after December 13, 2021. [more]
2019-05-16
An Insecure Permissions issue (issue 2 of 3) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. The GitLab Releases feature could allow guest users access to private information like release details and code information.
| Products | Gitlab |
| Type | Permission Issues (CWE-275) |
| First patch | - None (likely due to unavailable code) |
| Links |
• https://gitlab.com/gitlab-org/gitlab-ce/issues/56402
• https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/ • https://about.gitlab.com/blog/categories/releases/ |