Vulnerabilities > Google > Gerrit > 2.16.23
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-17 | CVE-2021-22553 | Missing Release of Resource after Effective Lifetime vulnerability in Google Gerrit Any git operation is passed through Jetty and a session is created. | 7.5 |
| 2020-12-10 | CVE-2020-8920 | Unspecified vulnerability in Google Gerrit An information leak vulnerability exists in Gerrit versions prior to 2.14.22, 2.15.21, 2.16.25, 3.0.15, 3.1.10, 3.2.5 where an overoptimization with the FilteredRepository wrapper skips the verification of access on All-Users repositories, allowing an attacker to get read access to all users' personal information associated with their accounts. low complexity google | 2.7 |