CVE-2024-0231 Information

Description

A resource misdirection vulnerability in GitLab CE/EE versions 12.0 prior to 17.0.5 17.1 prior to 17.1.3 and 17.2 prior to 17.2.1 allows an attacker to craft a repository import in such a way as to misdirect commits.

Reference

https://gitlab.com/gitlab-org/gitlab/-/issues/437103 https://hackerone.com/reports/2299337