GitLab Enterprise Edition could allow a remote authenticated attacker to obtain sensitive information, caused by incorrect authorization when displaying Audit Events. An attacker could exploit this vulnerability to obtain view a group’s Audit Events and use this information to launch further attacks against the affected system.
GitLab GitLab 15.0 Enterprise
GitLab GitLab 15.1.4 Enterprise
GitLab GitLab 15.2 Enterprise
GitLab GitLab 15.2.2 Enterprise
GitLab GitLab 15.3 Enterprise
Refer to the GitLab GIT Repository for patch, upgrade or suggested workaround information.