Multiple vulnerabilities were identified in GitLab. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure, cross-site scripting, remote code execution, denial of service condition and security restriction bypass on the targeted system.
Security Restriction Bypass
Denial of Service
Remote Code Execution
System / Technologies affected
GitLab Community Edition (CE) versions prior to 15.3.2, 15.2.4, and 15.1.6
GitLab Enterprise Edition (EE) versions prior to 15.3.2, 15.2.4, and 15.1.6
Before installation of the software, please visit the software vendor web-site for more details.
The vendor has issued a fix