CVE-2021-22201 - An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.9. A specially

CVE-2021-22201

Summary

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.9. A specially crafted import file could read files on the server.

References

Vulnerable Configurations

cpe:2.3:a:gitlab:gitlab:13.10.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:13.10.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:13.10.0:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:13.10.0:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:13.9.0:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:13.9.0:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:13.9.1:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:13.9.1:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:13.9.2:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:13.9.2:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:13.9.3:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:13.9.3:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:13.9.4:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:13.9.4:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:13.9.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:13.9.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:13.9.1:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:13.9.1:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:13.9.2:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:13.9.2:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:13.9.3:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:13.9.3:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:13.9.4:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:13.9.4:*:*:*:enterprise:*:*:*

CVSS

Base:	4.0 (as of 21-08-2024 - 14:07)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:N/AC:L/Au:S/C:P/I:N/A:N

Last major update

21-08-2024 - 14:07

Published

02-04-2021 - 17:15

Last modified

21-08-2024 - 14:07