VYPR
Unrated severityNVD Advisory· Published Jul 7, 2021· Updated Aug 3, 2024

CVE-2021-22224

CVE-2021-22224

Description

A cross-site request forgery vulnerability in the GraphQL API in GitLab since version 13.12 and before versions 13.12.6 and 14.0.2 allowed an attacker to call mutations as the victim

Affected products

3
  • GitLab Inc./GitLabllm-fuzzy2 versions
    >=13.12.0, <13.12.6, >=14.0.0, <14.0.2+ 1 more
    • (no CPE)range: >=13.12.0, <13.12.6, >=14.0.0, <14.0.2
    • (no CPE)range: >=13.12, <13.12.6
  • osv-coords
    Range: >= 13.12.0, < 13.12.6

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.