First published: Wed Mar 03 2021
An issue has been discovered in GitLab affecting all versions starting with 13.0. Confidential issue titles in GitLab were readable by an unauthorised user via branch logs.
Credit: cve@gitlab.com
Affected Software | Affected Version | How to fix |
---|---|---|
GitLab GitLab | >=13.0.0 <13.6.7 | |
GitLab GitLab | >=13.7.0 <13.7.7 | |
GitLab GitLab | >=13.8.0 <13.8.4 | |
CVE-2021-22188 is an issue in GitLab where confidential issue titles were readable by an unauthorized user via branch logs.
All versions of GitLab starting from 13.0 up to 13.6.7 are affected by CVE-2021-22188.
CVE-2021-22188 has a severity rating of medium with a CVSS score of 5.3.
To fix CVE-2021-22188, it is recommended to upgrade GitLab to version 13.6.8 or later.
You can find more information about CVE-2021-22188 on the GitLab CVE page and the associated GitLab and HackerOne links.