CVE-2021-22189

Summary

Starting with version 13.7 the Gitlab CE/EE editions were affected by a security issue related to the validation of the certificates for the Fortinet OTP that could result in authentication issues.

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab>=13.8.0, <13.8.4affected
GitLabGitLab>=13.7.0, <13.7.7affected
GitLabGitLab>=13.6, <13.6.7affected

Weaknesses

  • Improper certificate validation in GitLab

ADP Enrichment

CVE Program Container

Additional References

References