Описание
An issue has been discovered in GitLab EE affecting all versions starting from 15.7 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. It was possible to disclose issue notes to an unauthorized user at project export.
Ссылки
- Vendor Advisory
- Broken Link
- Vendor Advisory
- Broken Link
Уязвимые конфигурации
Конфигурация 1Версия от 15.7.0 (включая) до 15.10.8 (исключая)Версия от 15.11.0 (включая) до 15.11.7 (исключая)Версия от 16.0.0 (включая) до 16.0.2 (исключая)
Одно из
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
EPSS
Процентиль: 52%
0.00286
Низкий
3.1 Low
CVSS3
4.3 Medium
CVSS3
Дефекты
CWE-201
NVD-CWE-Other
Связанные уязвимости
CVSS3: 3.1
debian
около 2 лет назад
An issue has been discovered in GitLab EE affecting all versions start ...
CVSS3: 3.1
github
около 2 лет назад
An issue has been discovered in GitLab EE affecting all versions starting from 15.7 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. It was possible to disclose issue notes to an unauthorized user at project export.
EPSS
Процентиль: 52%
0.00286
Низкий
3.1 Low
CVSS3
4.3 Medium
CVSS3
Дефекты
CWE-201
NVD-CWE-Other