{"vulnerability": "CVE-2021-3990", "sightings": [{"uuid": "ecddb86b-a3ac-4d03-b670-06290be6f04b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3990", "type": "seen", "source": "https://t.me/cibsecurity/33181", "content": "\u203c CVE-2021-3990 \u203c\n\nshowdoc is vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-01T14:35:40.000000Z"}, {"uuid": "5b69248d-ec31-4cb4-9605-4e7f5fc9484a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39908", "type": "seen", "source": "https://t.me/cibsecurity/40057", "content": "\u203c CVE-2021-39908 \u203c\n\nIn all versions of GitLab CE/EE, certain Unicode characters can be abused to commit malicious code into projects without being noticed in merge request or source code viewer UI.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-02T02:26:21.000000Z"}, {"uuid": "c9b57f75-bed6-4b2a-a0e2-5caad07e7133", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39903", "type": "seen", "source": "https://t.me/cibsecurity/31864", "content": "\u203c CVE-2021-39903 \u203c\n\nIn all versions of GitLab CE/EE since version 13.0, a privileged user, through an API call, can change the visibility level of a group or a project to a restricted option even after the instance administrator sets that visibility option as restricted in settings.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-05T01:25:13.000000Z"}, {"uuid": "9830aad7-e351-47d0-ace7-082ef35570de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39902", "type": "seen", "source": "https://t.me/cibsecurity/31865", "content": "\u203c CVE-2021-39902 \u203c\n\nIncorrect Authorization in GitLab CE/EE 13.4 or above allows a user with guest membership in a project to modify the severity of an incident.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-05T01:25:14.000000Z"}]}