CVE-2021-22263

Name of the Vulnerable Software and Affected Versions: GitLab versions 13.0 through 14.0.8 GitLab versions 14.1 through 14.1.3 GitLab versions 14.2 through 14.2.1

Description: An issue has been discovered in GitLab where a user account with 'external' status, granted the 'Maintainer' role on any project, may elevate its privilege to 'Internal' and access Internal projects if 'project tokens' are allowed on the GitLab instance.

Recommendations: For versions 13.0 through 14.0.8, update to version 14.0.9 or later. For versions 14.1 through 14.1.3, update to version 14.1.4 or later. For versions 14.2 through 14.2.1, update to version 14.2.2 or later.