Note:
This project will be discontinued after December 13, 2021. [more]
2020-03-10
An issue was discovered in GitLab Community and Enterprise Edition 9.2 through 12.0.2. Uploaded files associated with unsaved personal snippets were accessible to unauthorized users due to improper permission settings. It has Incorrect Access Control.
Products | Gitlab |
Type | Uncontrolled Resource Consumption (CWE-400) |
First patch | - None (likely due to unavailable code) |
Links |
• https://about.gitlab.com/releases/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released/
• https://about.gitlab.com/blog/categories/releases/ |