Описание
Improper authorization in GitLab 12.8+ allows a guest user in a private project to view tag data that should be inaccessible on the releases page
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| gitlab | fixed | 13.6.6-1 | experimental | package |
| gitlab | fixed | 15.10.8+ds1-2 | package |
Примечания
https://about.gitlab.com/releases/2021/02/01/security-release-gitlab-13-8-2-released/
EPSS
Процентиль: 49%
0.00255
Низкий
Связанные уязвимости
CVSS3: 4.3
ubuntu
почти 5 лет назад
Improper authorization in GitLab 12.8+ allows a guest user in a private project to view tag data that should be inaccessible on the releases page
CVSS3: 4.3
nvd
почти 5 лет назад
Improper authorization in GitLab 12.8+ allows a guest user in a private project to view tag data that should be inaccessible on the releases page
CVSS3: 4.3
github
больше 3 лет назад
Improper authorization in GitLab 12.8+ allows a guest user in a private project to view tag data that should be inaccessible on the releases page
EPSS
Процентиль: 49%
0.00255
Низкий