CVE-2021-39879 log
| Source |
|
| Severity | Low |
| Remote | No |
| Type | Authentication bypass |
| Description | Missing authentication in all versions of GitLab CE/EE since version 7.11.0 allows an attacker with access to a victim's session to disable two-factor authentication. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-2431 | gitlab | 14.3.0-1 | 14.3.1-1 | High | Fixed |