Note:
This project will be discontinued after December 13, 2021. [more]
2019-09-16
An issue was discovered in GitLab Community and Enterprise Edition 8.6 through 12.2.1. Under very specific conditions, commit titles and team member comments could become viewable to users who did not have permission to access these.
| Products | Gitlab |
| Type | Information Exposure (CWE-200) |
| First patch | - None (likely due to unavailable code) |
| Links |
• https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released/
• https://gitlab.com/gitlab-org/gitlab-ce/issues/64711 |