A business logic error in GitLab EE affecting all versions before 16.2.8, 16.3 before 16.3.5, and 16.4 before 16.4.1 allows access to internal projects. A service account is not deleted when a namespace is deleted, allowing access to internal projects.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gitlab gitlab |
||
gitlab gitlab 16.4.0 |