Improper access control in GitLab CE/EE API, versions 9.4-14.5.2, allows unauthorized MR approva
Reporter | Title | Published | Views | Family All 13 |
---|---|---|---|---|
Prion | Improper access control | 13 Dec 202116:15 | – | prion |
Tenable Nessus | GitLab 9.4 < 14.3.6 / 14.4 < 14.4.4 / 14.5 < 14.5.2 (CVE-2021-39945) | 2 Jan 202400:00 | – | nessus |
Tenable Nessus | FreeBSD : Gitlab -- Multiple Vulnerabilities (b299417a-5725-11ec-a587-001b217b3468) | 13 Dec 202100:00 | – | nessus |
OSV | BIT-gitlab-2021-39945 | 6 Mar 202411:17 | – | osv |
OSV | CVE-2021-39945 | 13 Dec 202116:15 | – | osv |
CNVD | GitLab Access Control Error Vulnerability (CNVD-2021-99768) | 10 Dec 202100:00 | – | cnvd |
NVD | CVE-2021-39945 | 13 Dec 202116:15 | – | nvd |
Veracode | Improper Access Control | 6 Aug 202320:10 | – | veracode |
Cvelist | CVE-2021-39945 | 13 Dec 202115:47 | – | cvelist |
UbuntuCve | CVE-2021-39945 | 13 Dec 202100:00 | – | ubuntucve |
[
{
"product": "GitLab",
"vendor": "GitLab",
"versions": [
{
"status": "affected",
"version": ">=14.5, <14.5.2"
},
{
"status": "affected",
"version": ">=14.4, <14.4.4"
},
{
"status": "affected",
"version": ">=9.4, <14.3.6"
}
]
}
]
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo