Unrated severityNVD Advisory· Published Jun 8, 2021· Updated Aug 3, 2024
CVE-2021-22218
CVE-2021-22218
Description
All versions of GitLab CE/EE starting from 12.8 before 13.10.5, all versions starting from 13.11 before 13.11.5, and all versions starting from 13.12 before 13.12.2 were affected by an issue in the handling of x509 certificates that could be used to spoof author of signed commits.
Affected products
3>=12.8, <13.10.5 || >=13.11, <13.11.5 || >=13.12, <13.12.2+ 1 more
- (no CPE)range: >=12.8, <13.10.5 || >=13.11, <13.11.5 || >=13.12, <13.12.2
- (no CPE)range: >=12.8, <13.10.5
Patches
Vulnerability mechanics
References
3- gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22218.jsonmitrex_refsource_CONFIRM
- gitlab.com/gitlab-org/gitlab/-/issues/297665mitrex_refsource_MISC
- hackerone.com/reports/1077019mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.