Note:
This project will be discontinued after December 13, 2021. [more]
2019-09-09
An issue was discovered in GitLab Community and Enterprise Edition 8.x, 9.x, 10.x, and 11.x before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It has Incorrect Access Control. Users are able to comment on locked project issues.
| Products | Gitlab |
| Type | Improper Preservation of Permissions (CWE-281) |
| First patch | - None (likely due to unavailable code) |
| Links |
• https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
• https://gitlab.com/gitlab-org/gitlab-ce/issues/55537 |