CVE-2022-0373

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
01/04/2022
Last modified:
08/08/2023

Description

Improper access control in GitLab CE/EE versions 12.4 to 14.5.4, 14.5 to 14.6.4, and 12.6 to 14.7.1 allows project non-members to retrieve the service desk email address

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* 12.4.0 (including) 14.7.1 (excluding)
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* 12.4.0 (including) 14.7.1 (excluding)