Data Leakage Vulnerability in GitLab CE/EE Versions 12.8 and above

CVE-2021-22229 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

An issue has been discovered in GitLab CE/EE affecting all versions starting with 12.8. Under a special condition it was possible to access data of an internal repository through project fork done by a project member.

Learn more about our Internal Network Penetration Testing.