Описание
An privilege escalation issue was discovered in Gitlab versions < 12.1.2, < 12.0.4, and < 11.11.6 when Mattermost slash commands are used with a blocked account.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| gitlab | fixed | 11.11.7+dfsg-1 | experimental | package |
| gitlab | fixed | 12.6.8-3 | package |
Примечания
https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
EPSS
Процентиль: 70%
0.00666
Низкий
Связанные уязвимости
CVSS3: 8.8
ubuntu
больше 5 лет назад
An privilege escalation issue was discovered in Gitlab versions < 12.1.2, < 12.0.4, and < 11.11.6 when Mattermost slash commands are used with a blocked account.
CVSS3: 8.8
nvd
больше 5 лет назад
An privilege escalation issue was discovered in Gitlab versions < 12.1.2, < 12.0.4, and < 11.11.6 when Mattermost slash commands are used with a blocked account.
CVSS3: 8.8
github
около 3 лет назад
An privilege escalation issue was discovered in Gitlab versions < 12.1.2, < 12.0.4, and < 11.11.6 when Mattermost slash commands are used with a blocked account.
EPSS
Процентиль: 70%
0.00666
Низкий