Описание
An improper access control vulnerability exists in GitLab <12.3.3 that allows an attacker to obtain container and dependency scanning reports through the merge request widget even though public pipelines were disabled.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
Уязвимые конфигурации
Одно из
EPSS
6.5 Medium
CVSS3
4 Medium
CVSS2
Дефекты
Связанные уязвимости
An improper access control vulnerability exists in GitLab <12.3.3 that allows an attacker to obtain container and dependency scanning reports through the merge request widget even though public pipelines were disabled.
An improper access control vulnerability exists in GitLab <12.3.3 that ...
An improper access control vulnerability exists in GitLab <12.3.3 that allows an attacker to obtain container and dependency scanning reports through the merge request widget even though public pipelines were disabled.
EPSS
6.5 Medium
CVSS3
4 Medium
CVSS2