CVE-2023-3441: Exposure of Sensitive Information Due to Incompatible Policies in GitLab

Severity: Critical

CVSS Score: 9.1

An issue has been discovered in GitLab EE/CE affecting all versions starting from 8.0 before 16.4. The product did not sufficiently warn about security implications of granting merge rights to protected branches.