User Credential Exposure in GitLab
CVE-2017-0882
6.3MEDIUM
Key Information:
- Vendor
Gitlab
- Vendor
- CVE Published:
- 28 March 2017
What is CVE-2017-0882?
GitLab has a vulnerability that allows unauthorized access to sensitive user credentials when a user is assigned to an issue or merge request. This exposure can occur in multiple versions of the application prior to the patches released in March 2017 (versions 8.15.8, 8.16.7, and 8.17.4). It is crucial for users of affected versions to update their software promptly to protect against potential information leaks.
Affected Version(s)
GitLab Community Edition and GitLab Enterprise Edition 8.7.0 through 8.15.7, 8.16.0 through 8.16.7, 8.17.0 through 8.17.3 GitLab Community Edition and GitLab Enterprise Edition 8.7.0 through 8.15.7, 8.16.0 through 8.16.7, 8.17.0 through 8.17.3