An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 prior to 14.5.4, all versions starting from 14.6 prior to 14.6.4, all versions starting from 14.7 prior to 14.7.1. GitLab search may allow authenticated users to search other users by their respective private emails even if a user set their email to private.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gitlab gitlab |