Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-2326

Опубликовано: 05 авг. 2022
Источник: nvd
CVSS3: 6.4
CVSS3: 8.1
EPSS Низкий

Описание

An issue has been discovered in GitLab CE/EE affecting all versions before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. It may be possible to gain access to a private project through an email invite by using other user's email address as an unverified secondary email.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
Версия до 15.0.5 (исключая)
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
Версия от 15.1.0 (включая) до 15.1.4 (исключая)
cpe:2.3:a:gitlab:gitlab:15.2:*:*:*:enterprise:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
Версия до 15.0.5 (исключая)
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
Версия от 15.1.0 (включая) до 15.1.4 (исключая)
cpe:2.3:a:gitlab:gitlab:15.2:*:*:*:enterprise:*:*:*

EPSS

Процентиль: 48%
0.00245
Низкий

6.4 Medium

CVSS3

8.1 High

CVSS3

Дефекты

CWE-863

Связанные уязвимости

ubuntu логотип

CVE-2022-2326

CVSS3: 6.4
ubuntu
больше 3 лет назад

An issue has been discovered in GitLab CE/EE affecting all versions before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. It may be possible to gain access to a private project through an email invite by using other user's email address as an unverified secondary email.

debian логотип

CVE-2022-2326

CVSS3: 6.4
debian
больше 3 лет назад

An issue has been discovered in GitLab CE/EE affecting all versions be ...

github логотип

GHSA-gcj2-4jcm-vgjg

CVSS3: 8.1
github
больше 3 лет назад

An issue has been discovered in GitLab CE/EE affecting all versions before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. It may be possible to gain access to a private project through an email invite by using other user's email address as an unverified secondary email.

EPSS

Процентиль: 48%
0.00245
Низкий

6.4 Medium

CVSS3

8.1 High

CVSS3

Дефекты

CWE-863