CVE-2021-22224

Source
https://nvd.nist.gov/vuln/detail/CVE-2021-22224
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-22224.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-22224
Aliases
Related
Published
2021-07-07T12:15:08Z
Modified
2025-02-19T03:34:07.033887Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N CVSS Calculator
Summary
[none]
Details

A cross-site request forgery vulnerability in the GraphQL API in GitLab since version 13.12 and before versions 13.12.6 and 14.0.2 allowed an attacker to call mutations as the victim

References

Affected packages

Git / gitlab.com/gitlab-org/gitlab

Affected ranges

Type
GIT
Repo
https://gitlab.com/gitlab-org/gitlab
Events

Affected versions

v13.*

v13.12.0-ee
v13.12.1-ee
v13.12.2-ee
v13.12.3-ee
v13.12.4-ee
v13.12.5-ee