Under specialized conditions, GitLab may allow a user with an impersonation token to perform Git actions even if impersonation is disabled. This vulnerability is present in GitLab CE/EE versions before 13.12.9, 14.0.7, 14.1.2
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitLab
Published: 2021-08-25T18:37:19
Updated: 2024-08-03T18:37:18.434Z
Reserved: 2021-01-05T00:00:00
Link: CVE-2021-22237
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-08-25T19:15:10.600
Modified: 2021-08-31T18:42:24.027
Link: CVE-2021-22237
Redhat
No data.