An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control.
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Gitlab | Gitlab | 9.1.0 (including) | 11.4.13 (excluding) |
Gitlab | Gitlab | 11.5.0 (including) | 11.5.6 (excluding) |
Gitlab | Gitlab | 11.6.0 (including) | 11.6.1 (excluding) |
Gitlab | Ubuntu | upstream | * |