Lucene search
GitLabCVELIST:CVE-2021-39875HistoryOct 05, 2021 - 12:28 p.m.
CVE-2021-39875
2021-10-0512:28:28
GitLab
www.cve.org
1
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
44.1%
In all versions of GitLab CE/EE since version 13.6, it is possible to see pending invitations of any public group or public project by visiting an API endpoint.
CNA Affected
[
{
"product": "GitLab",
"vendor": "GitLab",
"versions": [
{
"status": "affected",
"version": ">=13.6, <14.1.7"
},
{
"status": "affected",
"version": ">=14.2, <14.2.5"
},
{
"status": "affected",
"version": ">=14.3, <14.3.1"
}
]
}
]Related
osv
osv
CVE-2021-39875
2021-10-05 13:15:00
BIT-gitlab-2021-39875
2024-03-06 11:18:40
nvd
nvd
CVE-2021-39875
2021-10-05 13:15:08
ubuntucve
ubuntucve
CVE-2021-39875
2021-10-05 00:00:00
veracode
veracode
Information Disclosure
2023-08-06 19:54:47
debiancve
debiancve
CVE-2021-39875
2021-10-05 13:15:08
cve
cve
CVE-2021-39875
2021-10-05 13:15:08
prion
prion
Code injection
2021-10-05 13:15:00
nessus
nessus
GitLab 13.6 < 14.1.7 / 14.2 < 14.2.5 / 14.3 < 14.3.1 (CVE-2021-39875)
2024-01-03 00:00:00
FreeBSD : Gitlab -- vulnerabilities (1bdd4db6-2223-11ec-91be-001b217b3468)
2021-10-05 00:00:00
freebsd
freebsd
Gitlab -- vulnerabilities
2021-09-30 00:00:00
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
5.8 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
44.1%
Related for CVELIST:CVE-2021-39875