CVE-2021-39889 log

Severity Medium
Remote Yes
Type Information disclosure
In all versions of GitLab EE since version 14.1, due to an insecure direct object reference vulnerability, an endpoint may reveal the protected branch name to a malicious user who makes a crafted API call with the ID of the protected branch.
Group Package Affected Fixed Severity Status Ticket
AVG-2432 gitlab 14.3.0-1 High Not affected