Vulnerabilities > Gitlab > Gitlab > 14.3.2

| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-04 | CVE-2021-39902 | Incorrect Authorization vulnerability in Gitlab<br>Incorrect Authorization in GitLab CE/EE 13.4 or above allows a user with guest membership in a project to modify the severity of an incident. | network; low complexity; gitlab; CWE-863; 4.0 |
| 2021-11-04 | CVE-2021-39903 | Unspecified vulnerability in Gitlab<br>In all versions of GitLab CE/EE since version 13.0, a privileged user, through an API call, can change the visibility level of a group or a project to a restricted option even after the instance administrator sets that visibility option as restricted in settings. | network; low complexity; gitlab; 4.0 |
| 2021-11-04 | CVE-2021-39914 | Resource Exhaustion vulnerability in Gitlab<br>A regular expression denial of service issue in GitLab versions 8.13 to 14.2.5, 14.3.0 to 14.3.3 and 14.4.0 could cause excessive usage of resources when a specially crafted username was used when provisioning a new user. | network; low complexity; gitlab; CWE-400; 5.0 |
| 2021-06-24 | CVE-2021-32823 | In the bindata RubyGem before version 2.4.10 there is a potential denial-of-service vulnerability. | network; high complexity; bindata-project, gitlab; 3.7 |