First published: Mon Sep 09 2019(Updated: )
An issue was discovered in GitLab Community and Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. It allows Information Disclosure (issue 4 of 6). In some cases, users without project permissions will receive emails after a project move. For private projects, this will disclose the new project namespace to an unauthorized user.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
GitLab GitLab | >=6.5.0<11.5.8 | |
GitLab GitLab | >=6.5.0<11.5.8 | |
GitLab GitLab | >=11.6.0<11.6.6 | |
GitLab GitLab | >=11.6.0<11.6.6 | |
GitLab GitLab | >=11.7.0<11.7.1 | |
GitLab GitLab | >=11.7.0<11.7.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.