{"id":"CVE-2017-0922","details":"Gitlab Enterprise Edition version 10.3 is vulnerable to an authorization bypass issue in the GitLab Projects::BoardsController component resulting in an information disclosure on any board object.","modified":"2026-04-10T03:54:32.379955Z","published":"2018-03-21T20:29:00.527Z","references":[{"type":"ADVISORY","url":"https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/"},{"type":"REPORT","url":"https://hackerone.com/reports/301123"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://gitlab.com/gitlab-org/gitlab","events":[{"introduced":"a515b56a128da5bace23d4b475030b91e87b9606"},{"last_affected":"9c32fedb6d29601a9cb698a25f8b917724b484b3"},{"introduced":"a515b56a128da5bace23d4b475030b91e87b9606"},{"last_affected":"9c32fedb6d29601a9cb698a25f8b917724b484b3"},{"introduced":"235b8d50ad14e7cdf4bc61c3df070f38dee97974"},{"last_affected":"5a1abb98b40ef0047d634b6ff09c3379da46cff9"},{"introduced":"235b8d50ad14e7cdf4bc61c3df070f38dee97974"},{"last_affected":"5a1abb98b40ef0047d634b6ff09c3379da46cff9"},{"introduced":"d90716aff22310b27734df86d287d2cb4084fdbb"},{"last_affected":"3ec4b67ffebfd15dd22fca7b35b0405454422df7"},{"introduced":"d90716aff22310b27734df86d287d2cb4084fdbb"},{"last_affected":"3ec4b67ffebfd15dd22fca7b35b0405454422df7"},{"introduced":"6369db0196ec7b6e288b16382c95243424a59b62"},{"last_affected":"3f64be9aeeb1a8c7c88b50bdf0212118dc265ce6"},{"introduced":"6369db0196ec7b6e288b16382c95243424a59b62"},{"last_affected":"3f64be9aeeb1a8c7c88b50bdf0212118dc265ce6"}],"database_specific":{"versions":[{"introduced":"9.1.0"},{"last_affected":"9.5.10"},{"introduced":"9.1.0"},{"last_affected":"9.5.10"},{"introduced":"10.0.0"},{"last_affected":"10.1.5"},{"introduced":"10.0.0"},{"last_affected":"10.1.5"},{"introduced":"10.2.0"},{"last_affected":"10.2.5"},{"introduced":"10.2.0"},{"last_affected":"10.2.5"},{"introduced":"10.3.0"},{"last_affected":"10.3.3"},{"introduced":"10.3.0"},{"last_affected":"10.3.3"}]}}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-0922.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}