Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-2498

Опубликовано: 05 авг. 2022
Источник: nvd
CVSS3: 6.4
CVSS3: 7.5
EPSS Низкий

Описание

An issue in pipeline subscriptions in GitLab EE affecting all versions from 12.8 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1 triggered new pipelines with the person who created the tag as the pipeline creator instead of the subscription's author.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
Версия от 12.8.0 (включая) до 15.0.5 (исключая)
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
Версия от 15.1.0 (включая) до 15.1.4 (исключая)
cpe:2.3:a:gitlab:gitlab:15.2:*:*:*:enterprise:*:*:*

EPSS

Процентиль: 42%
0.002
Низкий

6.4 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-269

Связанные уязвимости

ubuntu логотип

CVE-2022-2498

CVSS3: 6.4
ubuntu
больше 3 лет назад

An issue in pipeline subscriptions in GitLab EE affecting all versions from 12.8 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1 triggered new pipelines with the person who created the tag as the pipeline creator instead of the subscription's author.

debian логотип

CVE-2022-2498

CVSS3: 6.4
debian
больше 3 лет назад

An issue in pipeline subscriptions in GitLab EE affecting all versions ...

github логотип

GHSA-f5vg-g8qw-8p89

CVSS3: 7.5
github
больше 3 лет назад

An issue in pipeline subscriptions in GitLab EE affecting all versions from 12.8 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1 triggered new pipelines with the person who created the tag as the pipeline creator instead of the subscription's author.

EPSS

Процентиль: 42%
0.002
Низкий

6.4 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-269