Vulnerabilities > CVE-2021-22211 - Incorrect Authorization vulnerability in Gitlab

047910
CVSS 3.5 - LOW
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
SINGLE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
gitlab
CWE-863
NVD
Published: 2021-05-06
Updated: 2021-05-13

Summary

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7. GitLab Dependency Proxy, under certain circumstances, can impersonate a user resulting in possibly incorrect access handling.

Vulnerable Configurations

Part Description Count
Application
Gitlab
64

Common Weakness Enumeration (CWE)

References