CVE-2021-22194

Summary

In all versions of GitLab, marshalled session keys were being stored in Redis.

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab<13.7.8affected
GitLabGitLab>=13.8, <13.8.5affected
GitLabGitLab>=13.9, <13.9.2affected

Weaknesses

  • Insecure storage of sensitive information in GitLab

ADP Enrichment

CVE Program Container

Additional References

References