Security Advisory

CVE-2021-39937

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-12-13 15:47:51
Last updated 2024-08-04 02:20:34
Assigner GitLab
State PUBLISHED

Description

A collision in access memoization logic in all versions of GitLab CE/EE before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, leads to potential elevated privileges in groups and projects under rare circumstances