Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-1545

Опубликовано: 11 мая 2022
Источник: nvd
CVSS3: 4.3
CVSS2: 4
EPSS Низкий

Описание

It was possible to disclose details of confidential notes created via the API in Gitlab CE/EE affecting all versions from 13.2 prior to 14.8.6, 14.9 prior to 14.9.4, and 14.10 prior to 14.10.1 if an unauthorised project member was tagged in the note.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
Версия от 13.2.0 (включая) до 14.8.6 (исключая)
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
Версия от 13.2.0 (включая) до 14.8.6 (исключая)
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
Версия от 14.9.0 (включая) до 14.9.4 (исключая)
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
Версия от 14.9.0 (включая) до 14.9.4 (исключая)
cpe:2.3:a:gitlab:gitlab:14.10.0:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:14.10.0:*:*:*:enterprise:*:*:*

EPSS

Процентиль: 49%
0.0026
Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

ubuntu логотип

CVE-2022-1545

CVSS3: 4.3
ubuntu
больше 3 лет назад

It was possible to disclose details of confidential notes created via the API in Gitlab CE/EE affecting all versions from 13.2 prior to 14.8.6, 14.9 prior to 14.9.4, and 14.10 prior to 14.10.1 if an unauthorised project member was tagged in the note.

debian логотип

CVE-2022-1545

CVSS3: 4.3
debian
больше 3 лет назад

It was possible to disclose details of confidential notes created via ...

github логотип

GHSA-mc38-g3j7-hgww

CVSS3: 4.3
github
больше 3 лет назад

It was possible to disclose details of confidential notes created via the API in Gitlab CE/EE affecting all versions from 13.2 prior to 14.8.6, 14.9 prior to 14.9.4, and 14.10 prior to 14.10.1 if an unauthorised project member was tagged in the note.

EPSS

Процентиль: 49%
0.0026
Низкий

4.3 Medium

CVSS3

4 Medium

CVSS2

Дефекты

NVD-CWE-Other