AVG-1521 log

Package gitlab
Status Fixed
Severity Medium
Type information disclosure
Affected 13.8.1-1
Fixed 13.8.2-1
Current 17.6.1-1 [extra]
Ticket None
Created Mon Feb 1 22:21:23 2021
Issue Severity Remote Type Description
CVE-2021-22172 Medium Yes Information disclosure
Improper authorization in GitLab 12.8+ allows a guest user in a private project to view tag data that should be inaccessible on the releases page. The issue...
Date Advisory Package Type
06 Feb 2021 ASA-202102-11 gitlab information disclosure
References
https://about.gitlab.com/blog/2021/02/01/security-release-gitlab-13-8-2-released/
Notes
There are five more issues in this announcement for which a CVE has been requested, but has not been assigned yet.