Vulnerabilities > CVE-2021-22215 - Unspecified vulnerability in Gitlab

CVSS 2.7 - LOW

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

LOW

Integrity impact

NONE

Availability impact

NONE

network

low complexity

gitlab

NVD

Published: 2021-06-08

Updated: 2024-11-21

Summary

An information disclosure vulnerability in GitLab EE versions 13.11 and later allowed a project owner to leak information about the members' on-call rotations in other projects

Vulnerable Configurations

Part	Description	Count
Application	Gitlab Gitlab Gitlab 13.12.0 Gitlab Gitlab 13.12.1 Gitlab Gitlab 13.11.0 Gitlab Gitlab 13.11.1 Gitlab Gitlab 13.11.2 Gitlab Gitlab 13.11.3 Gitlab Gitlab 13.11.4	7

References

https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22215.json
https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22215.json
https://gitlab.com/gitlab-org/gitlab/-/issues/328668
https://gitlab.com/gitlab-org/gitlab/-/issues/328668