First published: Fri Apr 01 2022(Updated: )
Improper access control in Gitlab CE/EE versions 12.7 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7.1 allowed for project non-members to retrieve issue details when it was linked to an item from the vulnerability dashboard.
Credit: cve@gitlab.com cve@gitlab.com
Affected Software | Affected Version | How to fix |
---|---|---|
GitLab GitLab | >=12.7.0<=14.5.4 | |
GitLab GitLab | >=12.7.0<=14.5.4 | |
GitLab GitLab | >=14.6.0<=14.6.4 | |
GitLab GitLab | >=14.6.0<=14.6.4 | |
GitLab GitLab | =14.7.0 | |
GitLab GitLab | =14.7.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.