CVE-2021-22167

Summary

An issue has been discovered in GitLab affecting all versions starting from 12.1. Incorrect headers in specific project page allows attacker to have a temporary read access to the private repository

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab>=12.1, <13.5.6affected
GitLabGitLab>=13.6, <13.6.4affected
GitLabGitLab>=13.7, <13.7.2affected

Weaknesses

  • Information exposure in GitLab

ADP Enrichment

CVE Program Container

Additional References

References