Unauthorized Access to Pipeline Information in GitLab CE/EE Versions 13.12 and above
CVE-2021-22248 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Improper authorization on the pipelines page in GitLab CE/EE affecting all versions since 13.12 allowed unauthorized users to view some pipeline information for public projects that have access to pipelines restricted to members only
Learn more about our User Device Pen Test.