GitLab 10.7 and later through 12.7.2 has Incorrect Access Control.
CVSS Score
9.8
EPSS Score
0.002
Published
2020-03-06
In GitLab Enterprise Edition (EE) 12.5.0 through 12.7.5, sharing a group with a group could grant project access to unauthorized users.
CVSS Score
7.5
EPSS Score
0.001
Published
2020-02-17
GitLab EE 8.0 through 12.7.2 has Insecure Permissions (issue 1 of 2).
CVSS Score
4.3
EPSS Score
0.0
Published
2020-02-05
Page 46