CVE-2021-22198 log

Severity Medium
Remote Yes
Type Access restriction bypass
An issue has been discovered in GitLab CE/EE affecting all versions from 13.8 and above allowing an authenticated user to delete incident metric images of public projects. The issue is fixed in GitLab versions 13.10.1, 13.9.5 and 13.8.7.
Group Package Affected Fixed Severity Status Ticket
AVG-1770 gitlab 13.9.4-1 13.10.1-1 Critical Fixed