First published: Mon Oct 04 2021(Updated: )
In all versions of GitLab CE/EE since version 8.0, when an admin uses the impersonate feature twice and stops impersonating, the admin may be logged in as the second user they impersonated, which may lead to repudiation issues.
Credit: cve@gitlab.com
Affected Software | Affected Version | How to fix |
---|---|---|
GitLab GitLab | >=8.0.0<14.1.7 | |
GitLab GitLab | >=8.0.0<14.1.7 | |
GitLab GitLab | >=14.2<14.2.5 | |
GitLab GitLab | >=14.2<14.2.5 | |
GitLab GitLab | >=14.3<14.3.1 | |
GitLab GitLab | >=14.3<14.3.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.