Описание
An info leak issue was identified in all versions of GitLab EE from 13.7 prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 which exposes user email id through webhook payload.
Ссылки
- Vendor Advisory
- Issue TrackingVendor Advisory
- Vendor Advisory
- Issue TrackingVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 13.7.0 (включая) до 15.4.6 (исключая)Версия от 13.7.0 (включая) до 15.4.6 (исключая)Версия от 15.5.0 (включая) до 15.5.5 (исключая)Версия от 15.5.0 (включая) до 15.5.5 (исключая)
Одно из
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:15.6.0:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:15.6.0:*:*:*:enterprise:*:*:*
EPSS
Процентиль: 47%
0.0024
Низкий
4.3 Medium
CVSS3
5.3 Medium
CVSS3
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
CVSS3: 4.3
ubuntu
около 3 лет назад
An info leak issue was identified in all versions of GitLab EE from 13.7 prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 which exposes user email id through webhook payload.
CVSS3: 4.3
debian
около 3 лет назад
An info leak issue was identified in all versions of GitLab EE from 13 ...
CVSS3: 5.3
github
около 3 лет назад
An info leak issue was identified in all versions of GitLab EE from 13.7 prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 which exposes user email id through webhook payload.
EPSS
Процентиль: 47%
0.0024
Низкий
4.3 Medium
CVSS3
5.3 Medium
CVSS3
Дефекты
NVD-CWE-noinfo