CVE-2021-22167 log

Severity Medium
Remote Yes
Type Information disclosure
An issue has been discovered in GitLab affecting all versions starting from 12.1. Incorrect headers within a specific project page allow attackers to have temporary read access to a public repository with project features restricted only to members. The issue is mitigated in GitLab version 13.7.2, 13.6.4, and 13.5.6.
Group Package Affected Fixed Severity Status Ticket
AVG-1416 gitlab 13.7.1-1 13.7.2-1 High Fixed
Date Advisory Group Package Severity Type
12 Jan 2021 ASA-202101-10 AVG-1416 gitlab High multiple issues