In all versions of GitLab CE/EE starting from 0.8.0 prior to 14.2.6, all versions starting from 14.3 prior to 14.3.4, and all versions starting from 14.4 prior to 14.4.1 certain Unicode characters can be abused to commit malicious code into projects without being noticed in merge request or source code viewer UI.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gitlab gitlab |
||
gitlab gitlab 14.4.0 |