2 matches found
UBUNTU-CVE-2021-39876
In all versions of GitLab CE/EE since version 11.3, the endpoint for auto-completing Assignee discloses the members of private groups...
PT-2022-11086 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 11.3 and later Description: The issue concerns the endpoint for auto-completing Assignee, which discloses the members of private groups. Recommendations: For GitLab CE/EE versions 11.3 and later, consider restricting...