GitLab Branch Name Disclosure Vulnerability

GitLab Branch Name Disclosure Vulnerability

CVE-2022-3375 · LOW Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

An issue has been discovered in GitLab affecting all versions starting from 11.10 before 15.8.5, all versions starting from 15.9 before 15.9.4, all versions starting from 15.10 before 15.10.1. It was possible to disclose the branch names when attacker has a fork of a project that was switched to private.

Learn more about our Web Application Penetration Testing UK.