Lucene search
+L

4 matches found

nessus
nessus
added 2025/08/30 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2021-39876

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In all versions of GitLab CE/EE since version 11.3, the endpoint for auto-completing Assignee discloses the members of private groups. CVE-2021-39876 Note that...

4.3CVSS5AI score0.00801EPSS
Exploits1References2
nessus
nessus
added 2024/05/17 12:0 a.m.19 views

GitLab 11.3 < 14.1.7 / 14.2 < 14.2.5 / 14.3 < 14.3.1 (CVE-2021-39876)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - In all versions of GitLab CE/EE since version 11.3, the endpoint for auto-completing Assignee discloses the members of private groups. CVE-2021-39876 Note that Nessus has not tested for this issue but...

4.3CVSS5.1AI score0.00801EPSS
Exploits1References4
cvelist
cvelist
added 2022/03/28 6:53 p.m.23 views

CVE-2021-39876

In all versions of GitLab CE/EE since version 11.3, the endpoint for auto-completing Assignee discloses the members of private groups...

4.3CVSS4.8AI score0.00801EPSS
Exploits1References3
cve
cve
added 2022/03/28 6:53 p.m.95 views

CVE-2021-39876

CVE-2021-39876 affects GitLab CE/EE starting from version 11.3, where the autocomplete endpoint for Assignee discloses members of private groups. The root cause is an information-disclosure flaw in the Assignee autocomplete functionality, enabling partial confidentiality breach. Impact stated in ...

4.3CVSS4.4AI score0.00801EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder