GitLab Multiple Vulnerabilities
Release Date:
1 Sep 2022
5943
Views
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in GitLab. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure, cross-site scripting, remote code execution, denial of service condition and security restriction bypass on the targeted system.
Impact
- Information Disclosure
- Cross-Site Scripting
- Security Restriction Bypass
- Denial of Service
- Remote Code Execution
System / Technologies affected
- GitLab Community Edition (CE) versions prior to 15.3.2, 15.2.4, and 15.1.6
- GitLab Enterprise Edition (EE) versions prior to 15.3.2, 15.2.4, and 15.1.6
Solutions
Before installation of the software, please visit the software vendor web-site for more details.
- The vendor has issued a fix
https://about.gitlab.com/releases/2022/08/30/critical-security-release-gitlab-15-3-2-released/
Vulnerability Identifier
- CVE-2022-2428
- CVE-2022-2455
- CVE-2022-2527
- CVE-2022-2533
- CVE-2022-2592
- CVE-2022-2630
- CVE-2022-2865
- CVE-2022-2907
- CVE-2022-2908
- CVE-2022-2931
- CVE-2022-2992
- CVE-2022-3031
Source
Related Link
Related Tags
Share with