vulnerability
FreeBSD: VID-6c22bb39-0a9a-11ec-a265-001b217b3468 (CVE-2021-22258): Gitlab -- Vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:P/I:N/A:N) | Aug 31, 2021 | Nov 4, 2022 | Dec 10, 2025 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:P/I:N/A:N)
Published
Aug 31, 2021
Added
Nov 4, 2022
Modified
Dec 10, 2025
Description
Gitlab reports: Stored XSS in DataDog Integration Invited group members continue to have project access even after invited group is deleted Specially crafted requests to apollo_upload_server middleware leads to denial of service Privilege escalation of an external user through project token Missing access control allows non-admin users to add/remove Jira Connect Namespaces User enumeration on private instances Member e-mails can be revealed via project import/export feature Stored XSS in Jira integration Stored XSS in markdown via the Design reference
Solution
freebsd-upgrade-package-gitlab-ce
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.