Vijay_Kumar1110

**Name of the Vulnerable Software and Affected Versions** GitLab EE version 11.5 before 11.5.1 **Description** The issue allows a user with Reporter privileges to view the Jaeger Tracing Operations page due to an insecure object reference. **Recommendations** For GitLab EE version 11.5 before 11.5.1, update to version 11.5.1 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: GitLab Community and Enterprise Edition versions prior to 11.7.8 GitLab Community and Enterprise Edition versions 11.8.x prior to 11.8.4 GitLab Community and Enterprise Edition versions 11.9.x prior to 11.9.2 Description: An issue was discovered that allowed non-members of a private project or group to add and read labels, due to incorrect access control. Recommendations: For versions prior to 11.7.8, update to version 11.7.8 or later. For versions 11.8.x prior to 11.8.4, update to version 11.8.4 or later. For versions 11.9.x prior to 11.9.2, update to version 11.9.2 or later.

**Name of the Vulnerable Software and Affected Versions** GitLab Community and Enterprise Edition versions prior to 11.6.10 GitLab Community and Enterprise Edition versions 11.7.x prior to 11.7.6 GitLab Community and Enterprise Edition versions 11.8.x prior to 11.8.1 **Description** An issue was discovered that has Incorrect Access Control. **Recommendations** For GitLab Community and Enterprise Edition versions prior to 11.6.10, update to version 11.6.10 or later. For GitLab Community and Enterprise Edition versions 11.7.x prior to 11.7.6, update to version 11.7.6 or later. For GitLab Community and Enterprise Edition versions 11.8.x prior to 11.8.1, update to version 11.8.1 or later.

**Name of the Vulnerable Software and Affected Versions** GitLab Community and Enterprise Edition versions 10.8 through 11.8.x GitLab Community and Enterprise Edition versions 11.7.x through 11.7.5 GitLab Community and Enterprise Edition versions 11.6.x through 11.6.9 GitLab Community and Enterprise Edition version 11.8.0 **Description** The issue is related to Incorrect Access Control. **Recommendations** For GitLab Community and Enterprise Edition versions 10.8 through 11.6.9, update to version 11.6.10 or later. For GitLab Community and Enterprise Edition versions 11.7.x through 11.7.5, update to version 11.7.6 or later. For GitLab Community and Enterprise Edition version 11.8.0, update to version 11.8.1 or later.