CVE-2021-39892

Опубликовано: 18 янв. 2022

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 4

CVSS3: 4.3

Описание

In all versions of GitLab CE/EE since version 12.0, a lower privileged user can import users from projects that they don't have a maintainer role on and disclose email addresses of those users.

Релиз	Статус	Примечание
esm-apps/xenial	ignored	not maintainable
trusty	ignored	end of standard support
upstream	needs-triage
xenial	ignored	end of standard support

Показывать по

Ссылки на источники

EPSS

Процентиль: 53%

0.00297

Низкий

4 Medium

CVSS2

4.3 Medium

CVSS3

Связанные уязвимости

CVE-2021-39892

CVSS3: 4.3

nvd

почти 4 года назад

In all versions of GitLab CE/EE since version 12.0, a lower privileged user can import users from projects that they don't have a maintainer role on and disclose email addresses of those users.

CVE-2021-39892

CVSS3: 4.3

debian

почти 4 года назад

In all versions of GitLab CE/EE since version 12.0, a lower privileged ...

GHSA-r8rw-g922-j95j

CVSS3: 4.3

github

почти 4 года назад

In all versions of GitLab CE/EE since version 12.0, a lower privileged user can import users from projects that they don't have a maintainer role on and disclose email addresses of those users.

EPSS

Процентиль: 53%

0.00297

Низкий

4 Medium

CVSS2

4.3 Medium

CVSS3

CVE-2021-39892

Описание

Пакет gitlab

Ссылки на источники

Связанные уязвимости