CVE-2017-0922

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2017-0922
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-0922.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-0922
Published
2018-03-21T20:29:00.527Z
Modified
2026-04-10T03:54:32.379955Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

Gitlab Enterprise Edition version 10.3 is vulnerable to an authorization bypass issue in the GitLab Projects::BoardsController component resulting in an information disclosure on any board object.

References

Affected packages

Git / gitlab.com/gitlab-org/gitlab

Affected ranges

Type
GIT
Repo
https://gitlab.com/gitlab-org/gitlab
Events
Introduced
a515b56a128da5bace23d4b475030b91e87b9606
Last affected
9c32fedb6d29601a9cb698a25f8b917724b484b3
Introduced
a515b56a128da5bace23d4b475030b91e87b9606
Last affected
9c32fedb6d29601a9cb698a25f8b917724b484b3
Introduced
235b8d50ad14e7cdf4bc61c3df070f38dee97974
Last affected
5a1abb98b40ef0047d634b6ff09c3379da46cff9
Introduced
235b8d50ad14e7cdf4bc61c3df070f38dee97974
Last affected
5a1abb98b40ef0047d634b6ff09c3379da46cff9
Introduced
d90716aff22310b27734df86d287d2cb4084fdbb
Last affected
3ec4b67ffebfd15dd22fca7b35b0405454422df7
Introduced
d90716aff22310b27734df86d287d2cb4084fdbb
Last affected
3ec4b67ffebfd15dd22fca7b35b0405454422df7
Introduced
6369db0196ec7b6e288b16382c95243424a59b62
Last affected
3f64be9aeeb1a8c7c88b50bdf0212118dc265ce6
Introduced
6369db0196ec7b6e288b16382c95243424a59b62
Last affected
3f64be9aeeb1a8c7c88b50bdf0212118dc265ce6
Database specific 
{
    "versions": [
        {
            "introduced": "9.1.0"
        },
        {
            "last_affected": "9.5.10"
        },
        {
            "introduced": "9.1.0"
        },
        {
            "last_affected": "9.5.10"
        },
        {
            "introduced": "10.0.0"
        },
        {
            "last_affected": "10.1.5"
        },
        {
            "introduced": "10.0.0"
        },
        {
            "last_affected": "10.1.5"
        },
        {
            "introduced": "10.2.0"
        },
        {
            "last_affected": "10.2.5"
        },
        {
            "introduced": "10.2.0"
        },
        {
            "last_affected": "10.2.5"
        },
        {
            "introduced": "10.3.0"
        },
        {
            "last_affected": "10.3.3"
        },
        {
            "introduced": "10.3.0"
        },
        {
            "last_affected": "10.3.3"
        }
    ]
}

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-0922.json"