Описание
It was possible to disclose details of confidential notes created via the API in Gitlab CE/EE affecting all versions from 13.2 prior to 14.8.6, 14.9 prior to 14.9.4, and 14.10 prior to 14.10.1 if an unauthorised project member was tagged in the note.
| Релиз | Статус | Примечание |
|---|---|---|
| upstream | needs-triage |
Показывать по
EPSS
4 Medium
CVSS2
4.3 Medium
CVSS3
Связанные уязвимости
It was possible to disclose details of confidential notes created via the API in Gitlab CE/EE affecting all versions from 13.2 prior to 14.8.6, 14.9 prior to 14.9.4, and 14.10 prior to 14.10.1 if an unauthorised project member was tagged in the note.
It was possible to disclose details of confidential notes created via ...
It was possible to disclose details of confidential notes created via the API in Gitlab CE/EE affecting all versions from 13.2 prior to 14.8.6, 14.9 prior to 14.9.4, and 14.10 prior to 14.10.1 if an unauthorised project member was tagged in the note.
EPSS
4 Medium
CVSS2
4.3 Medium
CVSS3