Unrated severityNVD Advisory· Published Apr 2, 2021· Updated Aug 3, 2024
CVE-2021-22203
CVE-2021-22203
Description
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7.9 before 13.8.7, all versions starting from 13.9 before 13.9.5, and all versions starting from 13.10 before 13.10.1. A specially crafted Wiki page allowed attackers to read arbitrary files on the server.
Affected products
3>=13.7.9 <13.8.7 || >=13.9.0 <13.9.5 || >=13.10.0 <13.10.1+ 1 more
- (no CPE)range: >=13.7.9 <13.8.7 || >=13.9.0 <13.9.5 || >=13.10.0 <13.10.1
- (no CPE)range: >=13.10, <13.10.1
Patches
Vulnerability mechanics
References
3- gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22203.jsonmitrex_refsource_CONFIRM
- gitlab.com/gitlab-org/gitlab/-/issues/320919mitrex_refsource_MISC
- hackerone.com/reports/1098793mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.