CVE-2022-2251

GitLab Runner (GitLab) suffers from an OS command injection due to improper sanitization/cleanup of branch names. A user can create a specially crafted branch name and cause another user’s pipeline to execute commands in the runner as that user. Affected versions are prior to 15.3.5, 15.4 prior t...