CVE-2021-22203

Summary

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7.9 before 13.8.7, all versions starting from 13.9 before 13.9.5, and all versions starting from 13.10 before 13.10.1. A specially crafted Wiki page allowed attackers to read arbitrary files on the server.

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab>=13.10, <13.10.1affected
GitLabGitLab>=13.9, <13.9.5affected
GitLabGitLab>=13.7.9, <13.8.7affected

Weaknesses

  • Information exposure in GitLab

ADP Enrichment

CVE Program Container

Additional References

References