Medium CVSS 5.3

Overview

An issue has been discovered in GitLab EE affecting all versions prior to 17.10.8, 17.11 prior to 17.11.4, and 18.0 prior to 18.0.2. It may have been possible for private repository to be cloned in case of race condition when a secondary node is out of sync.

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 5.3 (MEDIUM)
  • Detected tags: race (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags