CVE-2021-22221 log

Source
Severity Medium
Remote Yes
Type Authentication bypass
Description
An issue has been discovered in GitLab affecting all versions starting from 12.9.0 before 13.12.2. Insufficient expired password validation in various operations allowed users to maintain limited access after their password expired.
Group Package Affected Fixed Severity Status Ticket
AVG-2023 gitlab 13.11.3-1 13.12.2-1 High Fixed
Date Advisory Group Package Severity Type
09 Jun 2021 ASA-202106-21 AVG-2023 gitlab High multiple issues
References
https://about.gitlab.com/releases/2021/06/01/security-release-gitlab-13-12-2-released/
https://gitlab.com/gitlab-org/gitlab/-/issues/292006