A vulnerability was discovered in GitLab versions before 13.0.12, 13.1.10, 13.2.8 and 13.3.4. GitLabs EKS integration was vulnerable to a cross-account assume role attack.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Gitlab | Gitlab | 13.0.0 (including) | 13.0.12 (excluding) |
Gitlab | Gitlab | 13.1.0 (including) | 13.1.10 (excluding) |
Gitlab | Gitlab | 13.2.0 (including) | 13.2.8 (excluding) |
Gitlab | Gitlab | 13.3.0 (including) | 13.3.4 (excluding) |