CVE-2021-22226

Summary

Under certain conditions, some users were able to push to protected branches that were restricted to deploy keys in GitLab CE/EE since version 13.9

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab>=13.9, <13.11.6affected
GitLabGitLab>=13.12, <13.12.6affected
GitLabGitLab>=14.0, <14.0.2affected

Weaknesses

  • Improper authorization in GitLab

ADP Enrichment

CVE Program Container

Additional References

References