CVE-2021-39934
13.12.2021, 16:15
Improper access control allows any project member to retrieve the service desk email address in GitLab CE/EE versions starting 12.10 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2.Enginsight
Vendor | Product | Version |
---|---|---|
gitlab | gitlab | 12.10.0 ≤ 𝑥 < 14.3.6 |
gitlab | gitlab | 12.10.0 ≤ 𝑥 < 14.3.6 |
gitlab | gitlab | 14.4.0 ≤ 𝑥 < 14.4.4 |
gitlab | gitlab | 14.4.0 ≤ 𝑥 < 14.4.4 |
gitlab | gitlab | 14.5.0 ≤ 𝑥 < 14.5.2 |
gitlab | gitlab | 14.5.0 ≤ 𝑥 < 14.5.2 |
𝑥
= Vulnerable software versions

Ubuntu Releases
Common Weakness Enumeration
References