Lack of an access control check in the External Status Check feature allowed any authenticated user to retrieve the configuration of any External Status Check in GitLab EE starting from 14.1 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2.

Related CVEs

CVE-2021-39916

Key Information

GHSA ID

GHSA-cxxv-5c8r-2cfh

Published

December 14, 2021 12:00 AM

Last Modified

July 13, 2022 12:01 AM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: June 17, 2025 6:25 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.