In GitLab before 13.0.12, 13.1.6, and 13.2.3, improper access control was used on the Applications page
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Gitlab | Gitlab | 8.4.0 (including) | 13.0.12 (excluding) |
Gitlab | Gitlab | 13.1.0 (including) | 13.1.6 (excluding) |
Gitlab | Gitlab | 13.2.0 (including) | 13.2.3 (excluding) |
Gitlab | Ubuntu | esm-apps/xenial | * |
Gitlab | Ubuntu | xenial | * |