Improper Authorization Vulnerability in GitLab CE/EE Allows Unauthorized Access to Job Trace Logs

Improper Authorization Vulnerability in GitLab CE/EE Allows Unauthorized Access to Job Trace Logs

CVE-2022-1124 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

An improper authorization issue has been discovered in GitLab CE/EE affecting all versions prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14.10.0, allowing Guest project members to access trace log of jobs when it is enabled

Learn more about our Web Application Penetration Testing UK.