A vulnerability was discovered in GitLab versions prior 13.1. Under certain conditions private merge requests could be read via Todos
Name | Vendor | Start Version | End Version |
---|---|---|---|
Gitlab | Gitlab | 8.5.0 (including) | 12.10.13 (excluding) |
Gitlab | Gitlab | 13.0.0 (including) | 13.0.8 (excluding) |
Gitlab | Gitlab | 13.1.0 (including) | 13.1.2 (excluding) |
Gitlab | Ubuntu | esm-apps/xenial | * |
Gitlab | Ubuntu | xenial | * |