4 matches found
GitLab 13.7 < 13.9.7 / 13.10 < 13.10.4 / 13.11 < 13.11.2 (CVE-2021-22211)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7. GitLab Dependency Proxy, under certain circumstances, can impersonate a user resulting in possibly incorrect...
CVE-2021-22211
CVE-2021-22211 affects GitLab CE/EE starting from version 13.7, where GitLab Dependency Proxy could impersonate a user under certain circumstances, potentially enabling incorrect access handling. Impacted in-the-wild behavior is described as a user impersonation vulnerability with possible access...
CVE-2021-22211
Removed by vendor...
FreeBSD : Gitlab -- Vulnerabilities (518a119c-a864-11eb-8ddb-001b217b3468)
Gitlab reports : Read API scoped tokens can execute mutations Pull mirror credentials were exposed Denial of Service when querying repository branches API Non-owners can set systemnotetimestamp when creating / updating issues DeployToken will impersonate a User with the same ID when using...