CVE-2021-22172 log
Source |
|
Severity | Medium |
Remote | Yes |
Type | Information disclosure |
Description | Improper authorization in GitLab 12.8+ allows a guest user in a private project to view tag data that should be inaccessible on the releases page. The issue is fixed in versions 13.8.2, 13.7.6 and 13.6.6. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-1521 | gitlab | 13.8.1-1 | 13.8.2-1 | Medium | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
06 Feb 2021 | ASA-202102-11 | AVG-1521 | gitlab | Medium | information disclosure |