CVE-2021-39930

Опубликовано: 13 дек. 2021

Источник: debian

EPSS Низкий

Описание

Missing authorization in GitLab EE versions between 12.4 and 14.3.6, between 14.4.0 and 14.4.4, and between 14.5.0 and 14.5.2 allowed an attacker to access a user's custom project and group templates

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
gitlab	fixed	15.10.8+ds1-2		package

EPSS

Процентиль: 48%

0.00245

Низкий

Связанные уязвимости

CVE-2021-39930

CVSS3: 4.3

ubuntu

около 4 лет назад

Missing authorization in GitLab EE versions between 12.4 and 14.3.6, between 14.4.0 and 14.4.4, and between 14.5.0 and 14.5.2 allowed an attacker to access a user's custom project and group templates

CVE-2021-39930

CVSS3: 4.3

nvd

около 4 лет назад

Missing authorization in GitLab EE versions between 12.4 and 14.3.6, between 14.4.0 and 14.4.4, and between 14.5.0 and 14.5.2 allowed an attacker to access a user's custom project and group templates

GHSA-gfwx-7f38-2397

github

около 4 лет назад

Missing authorization in GitLab EE versions between 12.4 and 14.3.6, between 14.4.0 and 14.4.4, and between 14.5.0 and 14.5.2 allowed an attacker to access a user's custom project and group templates

EPSS

Процентиль: 48%

0.00245

Низкий