2 matches found
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization via the release notification process. An attacker can receive unauthorized information about private repository releases by maintaining a watch on a repository that was changed from public to private, even after...
CVE-2019-10115
An Insecure Permissions issue issue 2 of 3 was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. The GitLab Releases feature could allow guest users access to private information like release details and code information...