exploitDog

GHSA-cc75-w727-3jqw

Опубликовано: 14 дек. 2021

Источник: github

Github: Не прошло ревью

Описание

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. A permissions validation flaw allowed group members with a developer role to elevate their privilege to a maintainer on projects they import

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. A permissions validation flaw allowed group members with a developer role to elevate their privilege to a maintainer on projects they import

Ссылки

EPSS

Процентиль: 39%

0.00176

Низкий

CVE ID

Дефекты

CWE-269

Связанные уязвимости

CVE-2021-39944

CVSS3: 7.1

ubuntu

около 4 лет назад

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. A permissions validation flaw allowed group members with a developer role to elevate their privilege to a maintainer on projects they import

CVE-2021-39944

CVSS3: 7.1

nvd

около 4 лет назад

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. A permissions validation flaw allowed group members with a developer role to elevate their privilege to a maintainer on projects they import

CVE-2021-39944

CVSS3: 7.1

debian

около 4 лет назад

An issue has been discovered in GitLab CE/EE affecting all versions st ...

EPSS

Процентиль: 39%

0.00176

Низкий

CVE ID

Дефекты

CWE-269