Unrated severityNVD Advisory· Published Jul 7, 2021· Updated Aug 3, 2024

CVE-2021-22230

Description

Improper code rendering while rendering merge requests could be exploited to submit malicious code. This vulnerability affects GitLab CE/EE 9.3 and later through 13.11.6, 13.12.6, and 14.0.2.

Affected products

GitLab Inc./CE/EEllm-fuzzy
Range: >=9.3, <=13.11.6 || >=9.3, <=13.12.6 || >=9.3, <=14.0.2
osv-coords
pkg:bitnami/gitlab
Range: >= 9.3.0, < 13.11.6
GitLab Inc./GitLabv5
Range: >=9.3, <13.11.6

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22230.jsonmitrex_refsource_CONFIRM
gitlab.com/gitlab-org/gitlab/-/issues/211976mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000