BIT-gitlab-2021-39916

See a problem?
Import Source
https://github.com/bitnami/vulndb/tree/main/data/gitlab/BIT-gitlab-2021-39916.json
JSON Data
https://api.osv.dev/v1/vulns/BIT-gitlab-2021-39916
Aliases
Published
2024-03-06T11:17:41.199Z
Modified
2024-03-06T11:25:28.861Z
Summary
[none]
Details

Lack of an access control check in the External Status Check feature allowed any authenticated user to retrieve the configuration of any External Status Check in GitLab EE starting from 14.1 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2.

References

Affected packages

Bitnami / gitlab

Package

Name
gitlab
Purl
pkg:bitnami/gitlab

Severity

  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Affected ranges

Type
SEMVER
Events
Introduced
14.1.0
Fixed
14.3.6
Introduced
14.4.0
Fixed
14.4.4
Introduced
14.5.0
Fixed
14.5.2