CVE-2021-22208

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-22208

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-22208.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-22208

Aliases

BIT-gitlab-2021-22208

Related

UBUNTU-CVE-2021-22208

Published

2021-05-06T14:15:07Z

Modified

2024-05-29T22:12:25Z

Severity

4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

An issue has been discovered in GitLab affecting versions starting with 13.5 up to 13.9.7. Improper permission check could allow the change of timestamp for issue creation or update.

References

https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22208.json
https://gitlab.com/gitlab-org/gitlab/-/issues/301212

Affected packages

Git / gitlab.com/gitlab-org/gitlab

Affected ranges

Type: GIT
Repo: https://gitlab.com/gitlab-org/gitlab
Events: Introduced

2f8ec2ebf58d8d4885127b9715b143e6756f2df1

Fixed

55effbbba527b094f7e3606d62b7c81fc7963150