Gitlab Enterprise Edition version 10.3 is vulnerable to an authorization bypass issue in the GitLab Projects::BoardsController component resulting in an information disclosure on any board object.
2018-03-21T20:29:00.527
2024-11-21T03:03:54.263
Modified
CVSSv3.0: 7.5 (HIGH)
AV:N/AC:L/Au:N/C:P/I:N/A:N
10.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | gitlab | gitlab | ≤ 9.5.10 | Yes |
| Application | gitlab | gitlab | ≤ 9.5.10 | Yes |
| Application | gitlab | gitlab | ≤ 10.1.5 | Yes |
| Application | gitlab | gitlab | ≤ 10.1.5 | Yes |
| Application | gitlab | gitlab | ≤ 10.2.5 | Yes |
| Application | gitlab | gitlab | ≤ 10.2.5 | Yes |
| Application | gitlab | gitlab | ≤ 10.3.3 | Yes |
| Application | gitlab | gitlab | ≤ 10.3.3 | Yes |