CVE Vulnerabilities

CVE-2021-39869

Published: Oct 05, 2021 | Modified: Jun 28, 2022
CVSS 3.x
6.5
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

In all versions of GitLab CE/EE since version 8.9, project exports may expose trigger tokens configured on that project.

Affected Software

Name Vendor Start Version End Version
Gitlab Gitlab 8.9.0 (including) 14.1.7 (excluding)
Gitlab Gitlab 14.2.0 (including) 14.2.5 (excluding)
Gitlab Gitlab 4.3.0 (including) 4.3.0 (including)
Gitlab Ubuntu esm-apps/xenial *
Gitlab Ubuntu xenial *

References