GitLab::API::v4 through 0.26 does not verify TLS certificates when connecting to a GitLab server, enabling machine-in-the-middle attacks.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-04-29