8.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
0.002 Low
EPSS
Percentile
54.8%
Gitlab reports:
Revoke access to confidential notes todos
Pipeline subscriptions trigger new pipelines with the wrong author
Ability to gain access to private project through an email invite by using other user’s email address as an unverified secondary email
Import via git protocol allows to bypass checks on repository
Unauthenticated IP allowlist bypass when accessing job artifacts through GitLab Pages
Maintainer can leak Packagist and other integration access tokens by changing integration URL
Unauthenticated access to victims Grafana datasources through path traversal
Unauthorized users can filter issues by contact and organization
Malicious Maintainer may change the visibility of project or a group
Stored XSS in job error messages
Enforced group MFA can be bypassed when using Resource Owner Password Credentials grant
Non project members can view public project’s Deploy Keys
IDOR in project with Jira integration leaks project owner’s other projects Jira issues
Group Bot Users and Tokens not deleted after group deletion
Email invited members can join projects even after the member lock has been enabled
Datadog integration returns user emails
8.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
0.002 Low
EPSS
Percentile
54.8%