2 matches found
UBUNTU-CVE-2021-39889
In all versions of GitLab EE since version 14.1, due to an insecure direct object reference vulnerability, an endpoint may reveal the protected branch name to a malicious user who makes a crafted API call with the ID of the protected branch...
PT-2021-22735 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 14.1 and later Description: The issue is related to an insecure direct object reference vulnerability. An endpoint may reveal the protected branch name to a malicious user who makes a crafted API call with the ID of the...