Описание
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.11 prior to 16.10.6, starting from 16.11 prior to 16.11.3, and starting from 17.0 prior to 17.0.1. A Guest user can view dependency lists of private projects through job artifacts.
Ссылки
- ExploitIssue Tracking
- Permissions Required
- ExploitIssue Tracking
- Permissions Required
Уязвимые конфигурации
Конфигурация 1Версия от 11.11.0 (включая) до 16.10.6 (исключая)Версия от 11.11.0 (включая) до 16.10.6 (исключая)Версия от 16.11.0 (включая) до 16.11.3 (исключая)Версия от 16.11.0 (включая) до 16.11.3 (исключая)
Одно из
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:17.0.0:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:17.0.0:*:*:*:enterprise:*:*:*
EPSS
Процентиль: 11%
0.00037
Низкий
4 Medium
CVSS3
5.3 Medium
CVSS3
Дефекты
CWE-862
CWE-862
Связанные уязвимости
CVSS3: 4
ubuntu
больше 1 года назад
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.11 prior to 16.10.6, starting from 16.11 prior to 16.11.3, and starting from 17.0 prior to 17.0.1. A Guest user can view dependency lists of private projects through job artifacts.
CVSS3: 4
debian
больше 1 года назад
An issue has been discovered in GitLab CE/EE affecting all versions st ...
EPSS
Процентиль: 11%
0.00037
Низкий
4 Medium
CVSS3
5.3 Medium
CVSS3
Дефекты
CWE-862
CWE-862