Vulnerability: Unauthorized Access to Internal Repository Data in GitLab CE/EE

Vulnerability: Unauthorized Access to Internal Repository Data in GitLab CE/EE

CVE-2021-22200 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.6. Under a special condition it was possible to access data of an internal repository through a public project fork as an anonymous user.

Learn more about our Internal Network Penetration Testing.