Note:
This project will be discontinued after December 13, 2021. [more]
2019-05-29
An issue was discovered in GitLab Community and Enterprise Edition 10.x and 11.x before 11.5.10, 11.6.x before 11.6.8, and 11.7.x before 11.7.3. It has Incorrect Access Control. The GitLab pipelines feature is vulnerable to authorization issues that allow unauthorized users to view job information.
| Products | Gitlab |
| Type | Improper Access Control (CWE-284) |
| First patch | - None (likely due to unavailable code) |
| Links |
• https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
• https://gitlab.com/gitlab-org/gitlab-ce/issues/54358 |