An authorization logic error in the External Status Check API in GitLab EE affecting all versions starting from 14.1 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, allowed a user to update the status of the check via an API call
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: GitLab

Published: 2022-02-09T22:05:14

Updated: 2024-08-04T02:20:34.212Z

Reserved: 2021-08-23T00:00:00

Link: CVE-2021-39943

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-02-09T23:15:16.023

Modified: 2024-11-21T06:20:37.697

Link: CVE-2021-39943

cve-icon Redhat

Severity : Moderate

Publid Date: 2022-02-10T00:00:00Z

Links: CVE-2021-39943 - Bugzilla