Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2022-2307

Опубликовано: 05 авг. 2022
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 3.5

Описание

A lack of cascading deletes in GitLab CE/EE affecting all versions starting from 13.0 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1 allows a malicious Group Owner to retain a usable Group Access Token even after the Group is deleted, though the APIs usable by that token are limited.

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-apps/xenial

ignored

not maintainable
esm-infra/focal

DNE

focal

DNE

jammy

DNE

kinetic

DNE

lunar

DNE

mantic

DNE

noble

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 29%
0.00102
Низкий

3.5 Low

CVSS3

Связанные уязвимости

nvd логотип

CVE-2022-2307

CVSS3: 3.5
nvd
почти 3 года назад

A lack of cascading deletes in GitLab CE/EE affecting all versions starting from 13.0 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1 allows a malicious Group Owner to retain a usable Group Access Token even after the Group is deleted, though the APIs usable by that token are limited.

debian логотип

CVE-2022-2307

CVSS3: 3.5
debian
почти 3 года назад

A lack of cascading deletes in GitLab CE/EE affecting all versions sta ...

github логотип

GHSA-xpg3-c2hf-x9vf

CVSS3: 3.8
github
почти 3 года назад

A lack of cascading deletes in GitLab CE/EE affecting all versions starting from 13.0 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1 allows a malicious Group Owner to retain a usable Group Access Token even after the Group is deleted, though the APIs usable by that token are limited.

EPSS

Процентиль: 29%
0.00102
Низкий

3.5 Low

CVSS3