Описание
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2. Information disclosure via GraphQL results in user email being unexpectedly visible.
Ссылки
- Vendor Advisory
- Broken Link
- Permissions Required
- Vendor Advisory
- Broken Link
- Permissions Required
Уязвимые конфигурации
Конфигурация 1Версия от 13.4.0 (включая) до 13.6.2 (исключая)Версия от 13.4.0 (включая) до 13.6.2 (исключая)
Одно из
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
EPSS
Процентиль: 100%
0.92644
Критический
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 5.3
ubuntu
около 5 лет назад
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2. Information disclosure via GraphQL results in user email being unexpectedly visible.
CVSS3: 5.3
debian
около 5 лет назад
An issue has been discovered in GitLab CE/EE affecting all versions st ...
github
больше 3 лет назад
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2. Information disclosure via GraphQL results in user email being unexpectedly visible.
EPSS
Процентиль: 100%
0.92644
Критический
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-200