GitLab Multiple Vulnerabilities
Release Date:
29 Jul 2022
4511
Views
RISK: Medium Risk
TYPE: Servers - Other Servers
Multiple vulnerabilities were identified in GitLab. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information disclosure, cross-site scripting and security restriction bypass on the targeted system.
Impact
- Information Disclosure
- Cross-Site Scripting
- Security Restriction Bypass
System / Technologies affected
- GitLab Community Edition (CE) versions prior to 15.2.1, 15.1.4, and 15.0.5
- GitLab Enterprise Edition (EE) versions prior to 15.2.1, 15.1.4, and 15.0.5
Solutions
Before installation of the software, please visit the software vendor web-site for more details.
- The vendor has issued a fix
https://about.gitlab.com/releases/2022/07/28/security-release-gitlab-15-2-1-released/
Vulnerability Identifier
- CVE-2022-2095
- CVE-2022-2303
- CVE-2022-2307
- CVE-2022-2326
- CVE-2022-2417
- CVE-2022-2456
- CVE-2022-2459
- CVE-2022-2497
- CVE-2022-2498
- CVE-2022-2499
- CVE-2022-2500
- CVE-2022-2501
- CVE-2022-2512
- CVE-2022-2531
- CVE-2022-2534
- CVE-2022-2539
Source
Related Link
Share with