A specially crafted request could be used to confirm the existence of files hosted on object storage services, without disclosing their contents. This vulnerability affects GitLab CE/EE 12.10 and later through 13.0.1
CPE | Name | Operator | Version |
---|---|---|---|
gitlab | eq | 11.3.0.pre | |
gitlab | eq | 8.12.0-rc7 | |
gitlab | eq | 8.2.0-ee | |
gitlab | eq | 7.4.3 | |
gitlab | eq | 10.8.0.pre | |
gitlab | eq | 7.4.2 | |
gitlab | eq | 8.12.1-ee | |
gitlab | eq | 8.2.0.rc1 | |
gitlab | eq | 11.1.0.pre | |
gitlab | eq | 8.11.0-rc5 |