Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2021-39889

Опубликовано: 05 окт. 2021
Источник: debian
EPSS Низкий

Описание

In all versions of GitLab EE since version 14.1, due to an insecure direct object reference vulnerability, an endpoint may reveal the protected branch name to a malicious user who makes a crafted API call with the ID of the protected branch.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
gitlabnot-affectedpackage

EPSS

Процентиль: 48%
0.00245
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2021-39889

CVSS3: 4.3
ubuntu
больше 4 лет назад

In all versions of GitLab EE since version 14.1, due to an insecure direct object reference vulnerability, an endpoint may reveal the protected branch name to a malicious user who makes a crafted API call with the ID of the protected branch.

nvd логотип

CVE-2021-39889

CVSS3: 4.3
nvd
больше 4 лет назад

In all versions of GitLab EE since version 14.1, due to an insecure direct object reference vulnerability, an endpoint may reveal the protected branch name to a malicious user who makes a crafted API call with the ID of the protected branch.

github логотип

GHSA-7w9g-7w46-w7h4

CVSS3: 4.3
github
больше 3 лет назад

In all versions of GitLab EE since version 14.1, due to an insecure direct object reference vulnerability, an endpoint may reveal the protected branch name to a malicious user who makes a crafted API call with the ID of the protected branch.

EPSS

Процентиль: 48%
0.00245
Низкий