CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N
EPSS
Percentile
9.0%
An information disclosure issue in Gitlab CE/EE affecting all versions from
13.6 prior to 15.11.10, all versions from 16.0 prior to 16.0.6, all
versions from 16.1 prior to 16.1.1, resulted in the Sidekiq log including
webhook tokens when the log format was set to default
.