CVE-2021-22249

Summary

A verbose error message in GitLab EE affecting all versions since 12.2 could disclose the private email address of a user invited to a group

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab>=12.2, <13.12.9affected
GitLabGitLab>=14.0, <14.0.7affected
GitLabGitLab>=14.1, <14.1.2affected

Weaknesses

  • Information exposure through an error message in GitLab

ADP Enrichment

CVE Program Container

Additional References

References