Skip to main content

GitLab Multiple Vulnerabilities

Release Date: 30 Apr 2021 1410 Views

RISK: Medium Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

Multiple vulnerabilities were identified in GitLab, a remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, sensitive information disclosure, security restriction bypass, data manipulation and spoofing on the targeted system.


Impact

  • Spoofing
  • Denial of Service
  • Security Restriction Bypass
  • Information Disclosure
  • Data Manipulation

System / Technologies affected


Solutions

Before installation of the software, please visit the software vendor web-site for more details.

The vendor has issued a fix:

  • 13.11.2
  • 13.10.4
  • 13.9.7

Vulnerability Identifier


Source


Related Link

https://about.gitlab.com/releases/2021/04/28/security-release-gitlab-13-11-2-released/
https://www.auscert.org.au/bulletins/ESB-2021.1456