CVE-2017-0882

CVE-2017-0882

Vendor N/A
Product GitLab Community Edition and GitLab Enterprise Edition 8.7.0 through 8.15.7, 8.16.0 through 8.16.7, 8.17.0 through 8.17.3
Weakness CWE-639 · IDOR
Published March 28, 2017
Last update August 5, 2024

CVSS base score

What the vulnerability does

01Description

Multiple versions of GitLab expose sensitive user credentials when assigning a user to an issue or merge request. A fix was included in versions 8.15.8, 8.16.7, and 8.17.4, which were released on March 20th 2017 at 23:59 UTC.

Key dates

02Disclosure timeline

March 28, 2017 CVE published
August 5, 2024 Record updated

Related vulnerabilities

04Related CVE