Security Advisory

CVE-2021-39872

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-10-05 12:34:28

Last updated 2024-08-04 02:20:33

Assigner GitLab

State PUBLISHED

Description

In all versions of GitLab CE/EE since version 14.1, an improper access control vulnerability allows users with expired password to still access GitLab through git and API through access tokens acquired before password expiration.

← Browse all CVEs View on cve.org ↗