Описание
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7. GitLab Dependency Proxy, under certain circumstances, can impersonate a user resulting in possibly incorrect access handling.
Ссылки
- Vendor Advisory
- Broken Link
- Vendor Advisory
- Broken Link
Уязвимые конфигурации
Одно из
EPSS
3.1 Low
CVSS3
4.3 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
Связанные уязвимости
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7. GitLab Dependency Proxy, under certain circumstances, can impersonate a user resulting in possibly incorrect access handling.
An issue has been discovered in GitLab CE/EE affecting all versions st ...
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7. GitLab Dependency Proxy, under certain circumstances, can impersonate a user resulting in possibly incorrect access handling.
Уязвимость компонента Dependency Proxy программной платформы на базе git для совместной работы над кодом GitLab, связанная с неправильной авторизацией, позволяющая нарушителю оказать воздействие на целостность данных
EPSS
3.1 Low
CVSS3
4.3 Medium
CVSS3
3.5 Low
CVSS2