Описание
All versions of GitLab CE/EE starting from 9.5 before 13.10.5, all versions starting from 13.11 before 13.11.5, and all versions starting from 13.12 before 13.12.2 allow a high privilege user to obtain sensitive information from log files because the sensitive information was not correctly registered for log masking.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/xenial | ignored | not maintainable |
| esm-infra/focal | DNE | |
| focal | DNE | |
| jammy | DNE | |
| mantic | DNE | |
| noble | DNE | |
| upstream | released | 15.10.8+ds1-2 |
Показывать по
Ссылки на источники
EPSS
4 Medium
CVSS2
4.4 Medium
CVSS3
Связанные уязвимости
All versions of GitLab CE/EE starting from 9.5 before 13.10.5, all versions starting from 13.11 before 13.11.5, and all versions starting from 13.12 before 13.12.2 allow a high privilege user to obtain sensitive information from log files because the sensitive information was not correctly registered for log masking.
All versions of GitLab CE/EE starting from 9.5 before 13.10.5, all ver ...
GitLab CE/EE since version 9.5 allows a high privilege user to obtain sensitive information from log files because the sensitive information was not correctly registered for log masking.
Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связанная с недостаточной защитой регистрационных данных, позволяющая нарушителю получить доступ к конфиденциальным данным
EPSS
4 Medium
CVSS2
4.4 Medium
CVSS3