The version of GitLab installed on the remote host is affected by a vulnerability, as follows: In all versions of GitLab CE/EE since version 14.1, an improper access control vulnerability allows users with expired password to still access GitLab through git and API through access tokens acquired before password expiration. (CVE-2021-39872) Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version…Read More
GitLab 14.1 < 14.1.7 / 14.2 < 14.2.5 / 14.3 < 14.3.1 (CVE-2021-39872)
