Vulnerabilities > CVE-2021-22211 - Incorrect Authorization vulnerability in Gitlab

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
LOW
Availability impact
NONE
network
low complexity
gitlab
CWE-863
NVD
Published: 2021-05-06
Updated: 2021-05-13

Summary

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7. GitLab Dependency Proxy, under certain circumstances, can impersonate a user resulting in possibly incorrect access handling.

Vulnerable Configurations

Part Description Count
Application
Gitlab
64

Common Weakness Enumeration (CWE)

References