AVG-1888 log

Package gitlab
Status Fixed
Severity High
Type multiple issues
Affected 13.10.3-2
Fixed 13.10.4-1
Current 13.11.3-1 [community-testing]
13.10.4-1 [community]
Ticket None
Created Wed Apr 28 10:57:49 2021
Advisory Pending
Issue Severity Remote Type Description
CVE-2021-22211 Low Yes Access restriction bypass
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7. GitLab Dependency Proxy, under certain circumstances, can...
CVE-2021-22210 Medium Yes Denial of service
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.2. When querying the repository branches through API, GitLab was...
CVE-2021-22209 High Yes Insufficient validation
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.8. GitLab was not properly validating authorisation tokens which...
CVE-2021-22208 Medium Yes Access restriction bypass
An issue has been discovered in GitLab affecting versions prior to 13.5. Improper permission check could allow the change of timestamp for issue creation or...
CVE-2021-22206 Medium Yes Information disclosure
An issue has been discovered in GitLab affecting all versions prior to 11.6. Pull mirror credentials were exposed and could allow other maintainers to view...