Описание
Improper authorization in GitLab EE affecting all versions since 13.4 allowed a user who previously had the necessary access to trigger deployments to protected environments under specific conditions after the access has been removed
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | DNE | |
| esm-apps/xenial | ignored | not maintainable |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| hirsute | DNE | |
| impish | DNE | |
| jammy | DNE | |
| kinetic | DNE |
Показывать по
EPSS
4.9 Medium
CVSS2
4.9 Medium
CVSS3
Связанные уязвимости
Improper authorization in GitLab EE affecting all versions since 13.4 allowed a user who previously had the necessary access to trigger deployments to protected environments under specific conditions after the access has been removed
Improper authorization in GitLab EE affecting all versions since 13.4 ...
Improper authorization in GitLab EE affecting all versions since 13.4 allowed a user who previously had the necessary access to trigger deployments to protected environments under specific conditions after the access has been removed
Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связанная с неправильной авторизацией, позволяющая нарушителю нарушить целостность данных, а также вызвать отказ в обслуживании
EPSS
4.9 Medium
CVSS2
4.9 Medium
CVSS3