Описание
All versions of GitLab CE/EE starting from 9.5 before 13.10.5, all versions starting from 13.11 before 13.11.5, and all versions starting from 13.12 before 13.12.2 allow a high privilege user to obtain sensitive information from log files because the sensitive information was not correctly registered for log masking.
Ссылки
- Vendor Advisory
- Broken Link
- Vendor Advisory
- Broken Link
Уязвимые конфигурации
Одно из
EPSS
4.4 Medium
CVSS3
4.9 Medium
CVSS3
4 Medium
CVSS2
Дефекты
Связанные уязвимости
All versions of GitLab CE/EE starting from 9.5 before 13.10.5, all versions starting from 13.11 before 13.11.5, and all versions starting from 13.12 before 13.12.2 allow a high privilege user to obtain sensitive information from log files because the sensitive information was not correctly registered for log masking.
All versions of GitLab CE/EE starting from 9.5 before 13.10.5, all ver ...
GitLab CE/EE since version 9.5 allows a high privilege user to obtain sensitive information from log files because the sensitive information was not correctly registered for log masking.
Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связанная с недостаточной защитой регистрационных данных, позволяющая нарушителю получить доступ к конфиденциальным данным
EPSS
4.4 Medium
CVSS3
4.9 Medium
CVSS3
4 Medium
CVSS2