Vulnerability Database

308,677

Total vulnerabilities in the database

CVE-2021-22262

Missing access control in all GitLab versions starting from 13.12 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from 14.2 before 14.2.2 with Jira Cloud integration enabled allows Jira users without administrative privileges to add and remove Jira Connect Namespaces via the GitLab.com for Jira Cloud application configuration page

Published: Oct 5, 2021
Updated: Nov 16, 2025
CVE: CVE-2021-22262
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.4
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:N/I:P/A:N

CWEs:

CWE-863

Affected Software
References

Software	From	Fixed in
gitlab / gitlab	14.2.0	14.2.2
gitlab / gitlab	14.1.0	14.1.4
gitlab / gitlab	13.12.0	14.0.9

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo