An issue has been discovered in GitLab EE/CE affecting all versions starting from 8.0 before 16.4. The product did not sufficiently warn about security implications of granting merge rights to protected branches.
{ "binaries": [ { "binary_name": "gitlab", "binary_version": "8.5.8+dfsg-5" } ] }