Fushbey

**Name of the Vulnerable Software and Affected Versions** GitLab versions 12.4 through 14.10.5 GitLab versions 15.0 through 15.0.4 GitLab versions 15.1 through 15.1.1 **Description** An issue has been discovered in GitLab where Conan packages names were being leaked due to incorrect permissions verification. **Recommendations** For versions 12.4 through 14.10.5, update to version 14.10.5 or later. For versions 15.0 through 15.0.4, update to version 15.0.4 or later. For versions 15.1 through 15.1.1, update to version 15.1.1 or later.

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 11.0 and later Description: The requirement to enforce 2-factor authentication (2FA) is not honored when using git commands in the affected versions. Recommendations: For GitLab CE/EE versions 11.0 and later, consider temporarily disabling git command access until a patch is available to enforce 2FA requirements. Restrict access to git commands to minimize the risk of exploitation.