4 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-39876
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In all versions of GitLab CE/EE since version 11.3, the endpoint for auto-completing Assignee discloses the members of private groups. CVE-2021-39876 Note that...
GitLab 11.3 < 14.1.7 / 14.2 < 14.2.5 / 14.3 < 14.3.1 (CVE-2021-39876)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - In all versions of GitLab CE/EE since version 11.3, the endpoint for auto-completing Assignee discloses the members of private groups. CVE-2021-39876 Note that Nessus has not tested for this issue but...
CVE-2021-39876
In all versions of GitLab CE/EE since version 11.3, the endpoint for auto-completing Assignee discloses the members of private groups...
CVE-2021-39876
CVE-2021-39876 affects GitLab CE/EE starting from version 11.3, where the autocomplete endpoint for Assignee discloses members of private groups. The root cause is an information-disclosure flaw in the Assignee autocomplete functionality, enabling partial confidentiality breach. Impact stated in ...