Описание
An issue has been discovered in GitLab CE/EE affecting all versions from 18.0 before 18.0.1. In certain circumstances, a user with limited permissions could access Job Data via a crafted GraphQL query.
Ссылки
- Broken Link
- Permissions Required
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:gitlab:gitlab:18.0.0:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:18.0.0:*:*:*:enterprise:*:*:*
EPSS
Процентиль: 1%
0.0001
Низкий
2.7 Low
CVSS3
4.3 Medium
CVSS3
Дефекты
CWE-1220
CWE-863
Связанные уязвимости
CVSS3: 2.7
ubuntu
27 дней назад
An issue has been discovered in GitLab CE/EE affecting all versions from 18.0 before 18.0.1. In certain circumstances, a user with limited permissions could access Job Data via a crafted GraphQL query.
CVSS3: 2.7
debian
27 дней назад
An issue has been discovered in GitLab CE/EE affecting all versions fr ...
CVSS3: 2.7
github
27 дней назад
An issue has been discovered in GitLab CE/EE affecting all versions from 18.0 before 18.0.1. In certain circumstances, a user with limited permissions could access Job Data via a crafted GraphQL query.
EPSS
Процентиль: 1%
0.0001
Низкий
2.7 Low
CVSS3
4.3 Medium
CVSS3
Дефекты
CWE-1220
CWE-863