GHSA-r8rw-g922-j95j

Опубликовано: 19 янв. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 4.3

Описание

In all versions of GitLab CE/EE since version 12.0, a lower privileged user can import users from projects that they don't have a maintainer role on and disclose email addresses of those users.

Ссылки

EPSS

Процентиль: 60%

0.00401

Низкий

4.3 Medium

CVSS3

CVE ID

CVE-2021-39892

Дефекты

CWE-668

Связанные уязвимости

CVE-2021-39892

CVSS3: 4.3

ubuntu

больше 3 лет назад

In all versions of GitLab CE/EE since version 12.0, a lower privileged user can import users from projects that they don't have a maintainer role on and disclose email addresses of those users.

CVE-2021-39892

CVSS3: 4.3

nvd

больше 3 лет назад

In all versions of GitLab CE/EE since version 12.0, a lower privileged user can import users from projects that they don't have a maintainer role on and disclose email addresses of those users.

CVE-2021-39892

CVSS3: 4.3

debian

больше 3 лет назад

In all versions of GitLab CE/EE since version 12.0, a lower privileged ...

EPSS

Процентиль: 60%

0.00401

Низкий

4.3 Medium

CVSS3

CVE ID

CVE-2021-39892

Дефекты

CWE-668