CVE-2021-22193

An issue has been discovered in GitLab affecting all versions starting with 7.1. A member of a private group was able to validate the use of a specific name for private project.
References
Link Resource
https://hackerone.com/reports/605608 Exploit Issue Tracking Third Party Advisory
https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22193.json Vendor Advisory
https://gitlab.com/gitlab-org/gitlab/-/issues/12560 Exploit Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*

Information

Published : 2021-03-24 10:15

Updated : 2021-03-26 09:24


NVD link : CVE-2021-22193

Mitre link : CVE-2021-22193


JSON object : View

CWE
CWE-209

Generation of Error Message Containing Sensitive Information

Advertisement

dedicated server usa

Products Affected

gitlab

  • gitlab