The host is installed with GitLab CE/EE before 15.9.6, 15.10 before 15.10.5, 15.11 before 15.11.1 and is prone to an arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle the main branch of a repository. Successful exploitation allows an attacker to create repositories with malicious code, victims who clone or download these repositories will execute arbitrary code on their systems.