
6 matches found

Tenable Nessus
added 2024/01/03 12:0 a.m. · 28 views

GitLab 7.7 < 14.1.7 / 14.2 < 14.2.5 / 14.3 < 14.3.1 (CVE-2021-39881)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - In all versions of GitLab CE/EE since version 7.7, the application may let a malicious user create an OAuth client application with arbitrary scope names which may allow the malicious user to trick...

CVSS 3.5 · AI score 5.3 · EPSS 0.00847
Exploits 0 · References 4
NVD
added 2021/10/05 2:15 p.m. · 11 views

CVE-2021-39881

In all versions of GitLab CE/EE since version 7.7, the application may let a malicious user create an OAuth client application with arbitrary scope names which may allow the malicious user to trick unsuspecting users to authorize the malicious client application using the spoofed scope name and...

CVSS 3.5 · EPSS 0.00847
Exploits 0 · References 3
OSV
added 2021/10/05 2:15 p.m. · 14 views

CVE-2021-39881

In all versions of GitLab CE/EE since version 7.7, the application may let a malicious user create an OAuth client application with arbitrary scope names which may allow the malicious user to trick unsuspecting users to authorize the malicious client application using the spoofed scope name and...

CVSS 3.5 · AI score 6.5 · EPSS 0.00847
Exploits 0 · References 3
OSV
added 2021/10/05 2:15 p.m. · 2 views

UBUNTU-CVE-2021-39881

In all versions of GitLab CE/EE since version 7.7, the application may let a malicious user create an OAuth client application with arbitrary scope names which may allow the malicious user to trick unsuspecting users to authorize the malicious client application using the spoofed scope name and...

CVSS 3.5 · AI score 5.9 · EPSS 0.00847
Exploits 0 · References 5
Cvelist
added 2021/10/05 1:40 p.m. · 22 views

CVE-2021-39881

In all versions of GitLab CE/EE since version 7.7, the application may let a malicious user create an OAuth client application with arbitrary scope names which may allow the malicious user to trick unsuspecting users to authorize the malicious client application using the spoofed scope name and...

CVSS 3.5 · AI score 4.5 · EPSS 0.00847
Exploits 0 · References 3
Positive Technologies
added 2021/10/05 12:0 a.m. · 9 views

PT-2021-22727 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 7.7 and later
Description: The application may allow a malicious user to create an OAuth client application with arbitrary scope names, potentially tricking unsuspecting users into authorizing the malicious client...

CVSS 3.5 · AI score 3.7 · EPSS 0.00847
Exploits 0 · References 11