Unrated severityNVD Advisory· Published Mar 26, 2021· Updated Aug 3, 2024
CVE-2021-22172
CVE-2021-22172
Description
Improper authorization in GitLab 12.8+ allows a guest user in a private project to view tag data that should be inaccessible on the releases page
Affected products
3>=12.8+ 1 more
- (no CPE)range: >=12.8
- (no CPE)range: >=12.8, <13.6.6
Patches
Vulnerability mechanics
References
3- gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22172.jsonmitrex_refsource_CONFIRM
- gitlab.com/gitlab-org/gitlab/-/issues/212911mitrex_refsource_MISC
- hackerone.com/reports/833334mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.