GitLab 12.6 through 12.9 is vulnerable to a privilege escalation that allows an external user to create a personal snippet through the API.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Gitlab | Gitlab | 12.6.0 | * |
Gitlab | Gitlab | 12.6.0 | * |
Gitlab | Gitlab | 12.8.0 | * |
Gitlab | Gitlab | 12.8.0 | * |
Gitlab | Gitlab | 12.9.0 | * |
Gitlab | Gitlab | 12.9.0 | * |