CVE-2021-22221 — Vulnetix

CVE-2021-22221 PUBLISHED

An issue has been discovered in GitLab affecting all versions starting from 12.9.0 before 13.10.5, all versions starting from 13.11.0 before 13.11.5, all versions starting from 13.12.0 before 13.12.2. Insufficient expired password validation in various operations allow user to maintain limited access after their password expired

EPSS 0.19% · 40.6th percentile

Risk Scores

EPSS Score

0.19%

40.6th percentile

Affected Products

Vendor	Product	Versions
Bitnami	gitlab	12.9.0, 13.12.0, 13.11.0
Bitnami	gitlab	12.9.0, 13.11.0, 13.12.0

Exploit Intelligence

https://gitlab.com/gitlab-org/gitlab/-/issues/292006 (circl)
https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22221.json (circl)

Timeline

Jun 8, 2021 CVE Published
Jun 9, 2021 EPSS Score
Aug 10, 2021 EPSS Score
Oct 10, 2021 EPSS Score
Dec 9, 2021 EPSS Score
Feb 4, 2022 EPSS Score
Feb 8, 2022 EPSS Score
Apr 1, 2022 EPSS Score
Apr 10, 2022 EPSS Score
Jun 10, 2022 EPSS Score
Aug 11, 2022 EPSS Score
Oct 11, 2022 EPSS Score

References

https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22221.json url
https://gitlab.com/gitlab-org/gitlab/-/issues/292006 url
https://nvd.nist.gov/vuln/detail/CVE-2021-22221 url

Open in Interactive Console →