Improper Removal of Sensitive Information Before Storage or Transfer in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.6 before 18.7.6, 18.8 before 18.8.6, and 18.9 before 18.9.2 that could have allowed an authenticated user to disclose confidential issue titles due to improper filtering under certain circumstances.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

敏感数据的不恰当跨边界移除

GitLab 安全漏洞

GitLab是美国GitLab公司的一个端到端软件开发平台，具有内置的版本控制、问题跟踪、代码审查、CI/CD（持续集成和持续交付）等功能。 GitLab CE和EE 18.7.6之前版本、18.8.6之前版本和18.9.2之前版本存在安全漏洞，该漏洞源于特定情况下过滤不当，可能导致经过身份验证的用户泄露机密问题标题。

N/A

N/A