GHSA-gfwx-7f38-2397

Опубликовано: 14 дек. 2021

Источник: github

Github: Не прошло ревью

Описание

Missing authorization in GitLab EE versions between 12.4 and 14.3.6, between 14.4.0 and 14.4.4, and between 14.5.0 and 14.5.2 allowed an attacker to access a user's custom project and group templates

Ссылки

EPSS

Процентиль: 48%

0.00245

Низкий

CVE ID

CVE-2021-39930

Дефекты

CWE-863

Связанные уязвимости

CVE-2021-39930

CVSS3: 4.3

ubuntu

около 4 лет назад

Missing authorization in GitLab EE versions between 12.4 and 14.3.6, between 14.4.0 and 14.4.4, and between 14.5.0 and 14.5.2 allowed an attacker to access a user's custom project and group templates

CVE-2021-39930

CVSS3: 4.3

nvd

около 4 лет назад

Missing authorization in GitLab EE versions between 12.4 and 14.3.6, between 14.4.0 and 14.4.4, and between 14.5.0 and 14.5.2 allowed an attacker to access a user's custom project and group templates

CVE-2021-39930

CVSS3: 4.3

debian

около 4 лет назад

Missing authorization in GitLab EE versions between 12.4 and 14.3.6, b ...

EPSS

Процентиль: 48%

0.00245

Низкий

CVE ID

CVE-2021-39930

Дефекты

CWE-863