exploitDog

GHSA-2px3-3vqh-4m6q

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

In GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, improper authorization checks allow a non-member of a project/group to change the confidentiality attribute of issue via mutation GraphQL query

In GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, improper authorization checks allow a non-member of a project/group to change the confidentiality attribute of issue via mutation GraphQL query

Ссылки

EPSS

Процентиль: 39%

0.00174

Низкий

CVE ID

Связанные уязвимости

CVE-2020-13334

CVSS3: 5.9

ubuntu

больше 5 лет назад

In GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, improper authorization checks allow a non-member of a project/group to change the confidentiality attribute of issue via mutation GraphQL query

CVE-2020-13334

CVSS3: 5.9

nvd

больше 5 лет назад

In GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, improper authorization checks allow a non-member of a project/group to change the confidentiality attribute of issue via mutation GraphQL query

CVE-2020-13334

CVSS3: 5.9

debian

больше 5 лет назад

In GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, improper autho ...

EPSS

Процентиль: 39%

0.00174

Низкий

CVE ID