exploitDog

GHSA-r45q-p6m3-6gmv

Опубликовано: 14 дек. 2021

Источник: github

Github: Не прошло ревью

Описание

A collision in access memoization logic in all versions of GitLab CE/EE before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, leads to potential elevated privileges in groups and projects under rare circumstances

A collision in access memoization logic in all versions of GitLab CE/EE before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, leads to potential elevated privileges in groups and projects under rare circumstances

Ссылки

EPSS

Процентиль: 37%

0.00151

Низкий

CVE ID

Дефекты

CWE-269

Связанные уязвимости

CVE-2021-39937

CVSS3: 5.9

ubuntu

больше 3 лет назад

A collision in access memoization logic in all versions of GitLab CE/EE before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, leads to potential elevated privileges in groups and projects under rare circumstances

CVE-2021-39937

CVSS3: 5.9

nvd

больше 3 лет назад

A collision in access memoization logic in all versions of GitLab CE/EE before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, leads to potential elevated privileges in groups and projects under rare circumstances

CVE-2021-39937

CVSS3: 5.9

debian

больше 3 лет назад

A collision in access memoization logic in all versions of GitLab CE/E ...

EPSS

Процентиль: 37%

0.00151

Низкий

CVE ID

Дефекты

CWE-269