FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Gitlab -- vulnerabilities

Affected packages
16.4.0 <= gitlab-ce < 16.4.1
16.3.0 <= gitlab-ce < 16.3.5
8.15 <= gitlab-ce < 16.2.8

Details

VuXML ID 6e0ebb4a-5e75-11ee-a365-001b217b3468
Discovery 2023-09-28
Entry 2023-09-29

Attacker can add another project's policy bot as a member to their own project and use that bot to trigger pipelines in the victim's project

Group import allows impersonation of users in CI pipelines

Developers can bypass code owners approval by changing a MR's base branch

Leaking source code of restricted project through a fork

Third party library Consul requires enable-script-checks to be False to enable patch

Service account not deleted when namespace is deleted allowing access to internal projects

Enforce SSO settings bypassed for public projects for Members without identity

Removed project member can write to protected branches

Unauthorised association of CI jobs for Machine Learning experiments

Force pipelines to not have access to protected variables and will likely fail using tags

Maintainer can create a fork relationship between existing projects

Disclosure of masked CI variables via processing CI/CD configuration of forks

Asset Proxy Bypass using non-ASCII character in asset URI

Unauthorized member can gain Allowed to push and merge access and affect integrity of protected branches

Removed Developer can continue editing the source code of a public project

A project reporter can leak owner's Sentry instance projects

Math rendering in markdown can escape container and hijack clicks

References

CVE Name CVE-2023-0989
CVE Name CVE-2023-2233
CVE Name CVE-2023-3115
CVE Name CVE-2023-3413
CVE Name CVE-2023-3906
CVE Name CVE-2023-3914
CVE Name CVE-2023-3917
CVE Name CVE-2023-3920
CVE Name CVE-2023-3922
CVE Name CVE-2023-3979
CVE Name CVE-2023-4379
CVE Name CVE-2023-4532
CVE Name CVE-2023-4658
CVE Name CVE-2023-5198
CVE Name CVE-2023-5207
URL https://about.gitlab.com/releases/2023/09/28/security-release-gitlab-16-4-1-released/