CVE-2021-22229

Summary

An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.8. Under a special condition it was possible to access data of an internal repository through project fork done by a project member.

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab>=12.8, <13.11.6affected
GitLabGitLab>=13.12, <13.12.6affected
GitLabGitLab>=14.0, <14.0.2affected

Weaknesses

  • Improper access control in GitLab

ADP Enrichment

CVE Program Container

Additional References

References