CVE-2017-0922

Опубликовано: 21 мар. 2018

Источник: debian

EPSS Низкий

Описание

Gitlab Enterprise Edition version 10.3 is vulnerable to an authorization bypass issue in the GitLab Projects::BoardsController component resulting in an information disclosure on any board object.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
gitlab	fixed	10.5.5+dfsg-1		package
gitlab	not-affected		stretch	package

Примечания

https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/

EPSS

Процентиль: 25%

0.0008

Низкий

Связанные уязвимости

CVE-2017-0922

CVSS3: 7.5

ubuntu

около 7 лет назад

Gitlab Enterprise Edition version 10.3 is vulnerable to an authorization bypass issue in the GitLab Projects::BoardsController component resulting in an information disclosure on any board object.

CVE-2017-0922

CVSS3: 7.5

nvd

около 7 лет назад

Gitlab Enterprise Edition version 10.3 is vulnerable to an authorization bypass issue in the GitLab Projects::BoardsController component resulting in an information disclosure on any board object.

GHSA-rw3m-264q-5gp2

CVSS3: 7.5

github

около 3 лет назад

Gitlab Enterprise Edition version 10.3 is vulnerable to an authorization bypass issue in the GitLab Projects::BoardsController component resulting in an information disclosure on any board object.

EPSS

Процентиль: 25%

0.0008

Низкий