3 matches found
CVE-2021-22252
A confusion between tag and branch names in GitLab CE/EE affecting all versions since 13.7 allowed a Developer to access protected CI variables which should only be accessible to Maintainers...
GitLab 13.7 < 13.12.9 / 14.0 < 14.0.7 / 14.1 < 14.1.2 (CVE-2021-22252)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A confusion between tag and branch names in GitLab CE/EE affecting all versions since 13.7 allowed a Developer to access protected CI variables which should only be accessible to Maintainers...
CVE-2021-22252
CVE-2021-22252 describes a logic issue in GitLab CE/EE where a confusion between tag and branch names since version 13.7 allowed a Developer to access protected CI variables that should be Maintainer-only. Affected: GitLab CE/EE, all versions since 13.7. Root cause: misinterpretation between tag ...