GitLab Multiple Vulnerabilities
Release Date:
2 Jun 2022
5926
Views
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in GitLab. A remote attacker could exploit some of these vulnerabilities to trigger elevation of privilege, sensitive information disclosure, security restriction bypass and cross-site scripting on the targeted system.
Impact
- Elevation of Privilege
- Information Disclosure
- Security Restriction Bypass
- Cross-Site Scripting
System / Technologies affected
- GitLab Community Edition (CE) versions prior to 15.0.1, 14.10.4, and 14.9.5
- GitLab Enterprise Edition (CE) versions prior to 15.0.1, 14.10.4, and 14.9.5
Solutions
Before installation of the software, please visit the software vendor web-site for more details.
- The vendor has issued a fix
https://about.gitlab.com/releases/2022/06/01/critical-security-release-gitlab-15-0-1-released/
Vulnerability Identifier
- CVE-2022-1680
- CVE-2022-1783
- CVE-2022-1821
- CVE-2022-1935
- CVE-2022-1936
- CVE-2022-1940
- CVE-2022-1944
- CVE-2022-1948
Source
Related Link
Related Tags
Share with