Gitlab · Gitlab Ce/Ee · CVE-2020-26417
**Name of the Vulnerable Software and Affected Versions**
GitLab CE/EE versions 13.1 through 13.4.7
GitLab CE/EE versions 13.5 through 13.5.5
GitLab CE/EE versions 13.6 through 13.6.2
**Description**
The issue concerns information disclosure via GraphQL, exposing private group and project membership.
**Recommendations**
For versions 13.1 through 13.4.7, update to version 13.4.7 or later.
For versions 13.5 through 13.5.5, update to version 13.5.5 or later.
For versions 13.6 through 13.6.2, update to version 13.6.2 or later.