CVE-2021-39905

Summary

An information disclosure vulnerability in the GitLab CE/EE API since version 8.9.6 allows a user to see basic information on private groups that a public project has been shared with

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab>=8.9.6, <14.2.6affected

Weaknesses

  • Information exposure in GitLab

ADP Enrichment

CVE Program Container

Additional References

References