Thousands of GitLab instances are affected by a new security flaw.

David Artykov
Purple Team
Published in
2 min readMar 4, 2022

--

Retrieved from about.gitlab.com

Security researchers have revealed details of a now-patched security flaw in GitLab, an open-source DevOps platform, that may enable a remote, unauthenticated adversary to retrieve user-related data. The medium-severity vulnerability, dubbed CVE-2021–4191 (CVSS score: 5.3), impacts all versions of GitLab Community Edition and Enterprise Edition starting with 13.0, as well as…

--

--