CVE-2023-2022

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions prior to 16.0.8 GitLab CE/EE versions 16.1 prior to 16.1.3 GitLab CE/EE versions 16.2 prior to 16.2.2

Description An issue has been discovered in GitLab CE/EE, which allows developers to create pipeline schedules on protected branches even if they don't have access to merge.

Recommendations For versions prior to 16.0.8, update to version 16.0.8 or later. For versions 16.1 prior to 16.1.3, update to version 16.1.3 or later. For versions 16.2 prior to 16.2.2, update to version 16.2.2 or later.