Lucene search
GitLabCVELIST:CVE-2021-22209HistoryMay 06, 2021 - 1:37 p.m.
CVE-2021-22209
2021-05-0613:37:47
GitLab
www.cve.org
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
0.001 Low
EPSS
Percentile
34.2%
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.8. GitLab was not properly validating authorisation tokens which resulted in GraphQL mutation being executed.
CNA Affected
[
{
"product": "GitLab",
"vendor": "GitLab",
"versions": [
{
"status": "affected",
"version": ">=13.11, <13.11.12"
},
{
"status": "affected",
"version": ">=13.10, <13.10.4"
},
{
"status": "affected",
"version": ">=13.8, <13.9.7"
}
]
}
]Related
nessus
nessus
GitLab 13.8 < 13.9.7 / 13.10 < 13.10.4 / 13.11 < 13.11.12 (CVE-2021-22209)
2024-01-02 00:00:00
FreeBSD : Gitlab -- Vulnerabilities (518a119c-a864-11eb-8ddb-001b217b3468)
2021-04-29 00:00:00
ubuntucve
ubuntucve
CVE-2021-22209
2021-05-06 00:00:00
cve
cve
CVE-2021-22209
2021-05-06 14:15:08
prion
prion
Code injection
2021-05-06 14:15:00
osv
osv
BIT-gitlab-2021-22209
2024-03-06 11:19:58
CVE-2021-22209
2021-05-06 14:15:00
debiancve
debiancve
CVE-2021-22209
2021-05-06 14:15:08
veracode
veracode
Authorization Bypass
2023-08-06 14:34:29
nvd
nvd
CVE-2021-22209
2021-05-06 14:15:08
archlinux
archlinux
[ASA-202105-4] gitlab: multiple issues
2021-05-19 00:00:00
freebsd
freebsd
Gitlab -- Vulnerabilities
2021-04-28 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
0.001 Low
EPSS
Percentile
34.2%
Related for CVELIST:CVE-2021-22209