Ashish R. Padelkar

**Name of the Vulnerable Software and Affected Versions** GitLab Community and Enterprise Edition versions prior to 11.6.10 GitLab Community and Enterprise Edition versions 11.7.x prior to 11.7.6 GitLab Community and Enterprise Edition versions 11.8.x prior to 11.8.1 **Description** An issue was discovered that allows Information Exposure. **Recommendations** For GitLab Community and Enterprise Edition versions prior to 11.6.10, update to version 11.6.10 or later. For GitLab Community and Enterprise Edition versions 11.7.x prior to 11.7.6, update to version 11.7.6 or later. For GitLab Community and Enterprise Edition versions 11.8.x prior to 11.8.1, update to version 11.8.1 or later.

**Name of the Vulnerable Software and Affected Versions** GitLab Community and Enterprise Edition versions prior to 11.6.10 GitLab Community and Enterprise Edition versions 11.7.x prior to 11.7.6 GitLab Community and Enterprise Edition versions 11.8.x prior to 11.8.1 **Description** An issue was discovered that allows Information Exposure. **Recommendations** For GitLab Community and Enterprise Edition versions prior to 11.6.10, update to version 11.6.10 or later. For GitLab Community and Enterprise Edition versions 11.7.x prior to 11.7.6, update to version 11.7.6 or later. For GitLab Community and Enterprise Edition versions 11.8.x prior to 11.8.1, update to version 11.8.1 or later.

**Name of the Vulnerable Software and Affected Versions** GitLab Community and Enterprise Edition versions prior to 11.6.10 GitLab Community and Enterprise Edition versions 11.7.x prior to 11.7.6 GitLab Community and Enterprise Edition versions 11.8.x prior to 11.8.1 **Description** An issue was discovered that has Incorrect Access Control. **Recommendations** For GitLab Community and Enterprise Edition versions prior to 11.6.10, update to version 11.6.10 or later. For GitLab Community and Enterprise Edition versions 11.7.x prior to 11.7.6, update to version 11.7.6 or later. For GitLab Community and Enterprise Edition versions 11.8.x prior to 11.8.1, update to version 11.8.1 or later.

**Name of the Vulnerable Software and Affected Versions** GitLab Community and Enterprise Edition versions prior to 11.6.10 GitLab Community and Enterprise Edition versions 11.7.x prior to 11.7.6 GitLab Community and Enterprise Edition versions 11.8.x prior to 11.8.1 **Description** An issue was discovered that has Incorrect Access Control. **Recommendations** For GitLab Community and Enterprise Edition versions prior to 11.6.10, update to version 11.6.10 or later. For GitLab Community and Enterprise Edition versions 11.7.x prior to 11.7.6, update to version 11.7.6 or later. For GitLab Community and Enterprise Edition versions 11.8.x prior to 11.8.1, update to version 11.8.1 or later.

**Name of the Vulnerable Software and Affected Versions** GitLab Community and Enterprise Edition versions 11.5.8 and earlier, 11.6.x through 11.6.5, 11.7.x through 11.7.0 **Description** The issue allows for a persistent XSS due to a lack of input validation and output encoding in the user status field. This results in a security problem that can be exploited. **Recommendations** For versions 11.5.8 and earlier, update to version 11.5.8 or later. For versions 11.6.x through 11.6.5, update to version 11.6.6 or later. For versions 11.7.x through 11.7.0, update to version 11.7.1 or later.