Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-997f-v4rm-9w7m

Опубликовано: 17 янв. 2023
Источник: github
Github: Не прошло ревью
CVSS3: 6.5

Описание

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. It was possible to read repository content by an unauthorised user if a project member used a crafted link.

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. It was possible to read repository content by an unauthorised user if a project member used a crafted link.

Ссылки

EPSS

Процентиль: 75%
0.00904
Низкий

6.5 Medium

CVSS3

CVE ID

CVE-2022-2907

Дефекты

CWE-200

Связанные уязвимости

ubuntu логотип

CVE-2022-2907

CVSS3: 5.7
ubuntu
больше 2 лет назад

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. It was possible to read repository content by an unauthorised user if a project member used a crafted link.

nvd логотип

CVE-2022-2907

CVSS3: 5.7
nvd
больше 2 лет назад

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 before 15.1.6, all versions starting from 15.2 before 15.2.4, all versions starting from 15.3 before 15.3.2. It was possible to read repository content by an unauthorised user if a project member used a crafted link.

debian логотип

CVE-2022-2907

CVSS3: 5.7
debian
больше 2 лет назад

An issue has been discovered in GitLab CE/EE affecting all versions st ...

fstec логотип

BDU:2022-05489

CVSS3: 6.5
fstec
почти 3 года назад

Уязвимость функции LivePreview программной платформы на базе git для совместной работы над кодом GitLab, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

EPSS

Процентиль: 75%
0.00904
Низкий

6.5 Medium

CVSS3

CVE ID

CVE-2022-2907

Дефекты

CWE-200