Lucene search
GitLabCVELIST:CVE-2021-39884HistoryOct 05, 2021 - 12:27 p.m.
CVE-2021-39884
2021-10-0512:27:21
GitLab
www.cve.org
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
29.8%
In all versions of GitLab EE since version 8.13, an endpoint discloses names of private groups that have access to a project to low privileged users that are part of that project.
CNA Affected
[
{
"product": "GitLab",
"vendor": "GitLab",
"versions": [
{
"status": "affected",
"version": ">=8.13, <14.1.7"
},
{
"status": "affected",
"version": ">=14.2, <14.2.5"
},
{
"status": "affected",
"version": ">=14.3, <14.3.1"
}
]
}
]Related
cve
cve
CVE-2021-39884
2021-10-05 13:15:08
osv
osv
BIT-gitlab-2021-39884
2024-03-06 11:18:28
CVE-2021-39884
2021-10-05 13:15:08
prion
prion
Code injection
2021-10-05 13:15:00
nessus
nessus
GitLab 8.13 < 14.1.7 / 14.2 < 14.2.5 / 14.3 < 14.3.1 (CVE-2021-39884)
2024-01-03 00:00:00
FreeBSD : Gitlab -- vulnerabilities (1bdd4db6-2223-11ec-91be-001b217b3468)
2021-10-05 00:00:00
ubuntucve
ubuntucve
CVE-2021-39884
2021-10-05 00:00:00
nvd
nvd
CVE-2021-39884
2021-10-05 13:15:08
debiancve
debiancve
CVE-2021-39884
2021-10-05 13:15:08
freebsd
freebsd
Gitlab -- vulnerabilities
2021-09-30 00:00:00
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
29.8%
Related for CVELIST:CVE-2021-39884