CVE-2021-39945 log

Severity Low
Remote Yes
Type Access restriction bypass
Improper access control in the GitLab API affecting all versions before version 14.5.2 allows an author of a Merge Request to approve the Merge Request even after having their project access revoked.
Group Package Affected Fixed Severity Status Ticket
AVG-2603 gitlab 14.5.0-1 14.5.2-1 High Fixed
Date Advisory Group Package Severity Type
11 Dec 2021 ASA-202112-10 AVG-2603 gitlab High multiple issues