CVE-2021-39944
EUVD-2021-2630013.12.2021, 16:15
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. A permissions validation flaw allowed group members with a developer role to elevate their privilege to a maintainer on projects they importEnginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| gitlab | gitlab | 11.0.0 ≤ 𝑥 < 14.3.6 |
| gitlab | gitlab | 11.0.0 ≤ 𝑥 < 14.3.6 |
| gitlab | gitlab | 14.4.0 ≤ 𝑥 < 14.4.4 |
| gitlab | gitlab | 14.4.0 ≤ 𝑥 < 14.4.4 |
| gitlab | gitlab | 14.5.0 ≤ 𝑥 < 14.5.2 |
| gitlab | gitlab | 14.5.0 ≤ 𝑥 < 14.5.2 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Common Weakness Enumeration
References