
Weasterhacker

Researcher from HackerOne
#30477 of 53,622
8.6 Total CVSS
Vulnerabilities · 2
Medium: 2
PT-2025-50576
4.3
2025-12-10
Gitlab · Gitlab Ce/Ee · CVE-2025-11247
**Name of the Vulnerable Software and Affected Versions**

- GitLab EE versions 13.2 through 18.4.5
- GitLab EE versions 18.5 through 18.5.3
- GitLab EE versions 18.6 through 18.6.1

**Description**

An authenticated user could potentially disclose sensitive information from private projects by executing specifically crafted GraphQL queries. The issue affects GitLab EE.

**Recommendations**

- GitLab EE versions prior to 18.4.6 should be updated.
- GitLab EE versions prior to 18.5.4 should be updated.
- GitLab EE versions prior to 18.6.2 should be updated.

PT-2025-9920
4.3
2025-03-06
Gitlab · Gitlab Ce/Ee · CVE-2025-2045
**Name of the Vulnerable Software and Affected Versions**

- GitLab EE versions 17.7 through 17.7.5
- GitLab EE versions 17.8 through 17.8.3
- GitLab EE versions 17.9 through 17.9.0

**Description**

The issue is related to improper authorization, allowing users with limited permissions to access potentially sensitive project analytics data.

**Recommendations**

- For GitLab EE versions 17.7 through 17.7.5, update to version 17.7.6 or later.
- For GitLab EE versions 17.8 through 17.8.3, update to version 17.8.4 or later.
- For GitLab EE versions 17.9 through 17.9.0, update to version 17.9.1 or later.