Lucene search
China National Vulnerability DatabaseCNVD-2021-99768HistoryDec 10, 2021 - 12:00 a.m.
GitLab Access Control Error Vulnerability (CNVD-2021-99768)
2021-12-1000:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
0.001 Low
EPSS
Percentile
26.9%
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD (continuous integration and continuous delivery), and other features.GitLab CE/EE is vulnerable to an access control error that stems from the existence of GitLab CE/EE from 12.10 to 14.3.6 ago Faulty access control allows the author of a merge request to approve the merge request even after their access to the project has been revoked. No detailed vulnerability details are currently available.
| CPE | Name | Operator | Version |
|---|---|---|---|
| GitLab GitLab CE/EE >=12.10, | lt | 14.3.6 |
Related
osv
osv
CVE-2021-39945
2021-12-13 16:15:09
BIT-gitlab-2021-39945
2024-03-06 11:17:15
cve
cve
CVE-2021-39945
2021-12-13 16:15:09
prion
prion
Improper access control
2021-12-13 16:15:00
nessus
nessus
GitLab 9.4 < 14.3.6 / 14.4 < 14.4.4 / 14.5 < 14.5.2 (CVE-2021-39945)
2024-01-02 00:00:00
nvd
nvd
CVE-2021-39945
2021-12-13 16:15:09
ubuntucve
ubuntucve
CVE-2021-39945
2021-12-13 00:00:00
cvelist
cvelist
CVE-2021-39945
2021-12-13 15:47:49
veracode
veracode
Improper Access Control
2023-08-06 20:10:05
debiancve
debiancve
CVE-2021-39945
2021-12-13 16:15:09
archlinux
archlinux
[ASA-202112-10] gitlab: multiple issues
2021-12-11 00:00:00
freebsd
freebsd
Gitlab -- Multiple Vulnerabilities
2021-12-06 00:00:00