CVE-2021-39872 log

Severity Medium
Remote Yes
Type Access restriction bypass
In all versions of GitLab CE/EE since version 14.1, an improper access control vulnerability allows users with expired password to still access GitLab through git and API through access tokens acquired before password expiration.
Group Package Affected Fixed Severity Status Ticket
AVG-2431 gitlab 14.3.0-1 14.3.1-1 High Fixed