Candidate: CVE-2022-0371
PublicDate: 2022-03-28 19:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0371
 https://gitlab.com/gitlab-org/gitlab/-/issues/350476
 https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0371.json
Description:
 An issue has been discovered in GitLab CE/EE affecting all versions
 starting from 11.4 before 14.5.4, all versions starting from 14.6 before
 14.6.4, all versions starting from 14.7 before 14.7.1. GitLab search may
 allow authenticated users to search other users by their respective private
 emails even if a user set their email to private.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N [4.3 MEDIUM]


Patches_gitlab:
upstream_gitlab: needs-triage
trusty_gitlab: ignored (out of standard support)
xenial_gitlab: ignored (out of standard support)