CVE-2021-22228

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2021-22228
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-22228.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-22228
Aliases
Published
2021-07-06T22:15:08Z
Modified
2024-06-06T13:56:34.446653Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

An issue has been discovered in GitLab affecting all versions before 13.11.6, all versions starting from 13.12 before 13.12.6, and all versions starting from 14.0 before 14.0.2. Improper access control allows unauthorised users to access project details using Graphql.

References

Affected packages

Git / gitlab.com/gitlab-org/gitlab

Affected ranges

Type
GIT
Repo
https://gitlab.com/gitlab-org/gitlab
Events

Affected versions

v14.*

v14.0.0-ee
v14.0.1-ee