CVE-2022-1935

🗓️ 06 Jun 2022 16:50:27Reported by GitLabType

cve🔗 web.nvd.nist.gov📰️ 5 Media mentions👁 127 Views

Incorrect authorization in GitLab EE affects versions 12.0 to 14.9.5, 14.10 to 14.10.4, and 15.0 to 15.0.1, allowing misuse of Project Trigger Token

Reporter	Title	Published	Views	Family All 18
ATTACKERKB	CVE-2022-1935	6 Jun 202217:15	–	attackerkb
Circl	CVE-2022-1935	6 Jun 202220:30	–	circl
CNNVD	GitLab 授权问题漏洞	2 Jun 202200:00	–	cnnvd
Cvelist	CVE-2022-1935	6 Jun 202216:50	–	cvelist
Debian CVE	CVE-2022-1935	6 Jun 202216:50	–	debiancve
EUVD	EUVD-2022-25204	3 Oct 202520:07	–	euvd
FreeBSD	Gitlab -- multiple vulnerabilities	1 Jun 202200:00	–	freebsd
Tenable Nessus	FreeBSD : Gitlab -- multiple vulnerabilities (f414d69f-e43d-11ec-9ea4-001b217b3468)	4 Jun 202200:00	–	nessus
Tenable Nessus	GitLab 12.0.0 < 14.9.5 / 14.10.0 < 14.10.4 / 15.0.0 < 15.0.1 (CVE-2022-1935)	28 Jun 202200:00	–	nessus
NCSC	Vulnerabilities fixed in GitLab	3 Jun 202200:00	–	ncsc

NVD

Vulners

Node

gitlab gitlabRange12.0.0–14.9.5enterprise

gitlab gitlabRange14.10.0–14.10.4enterprise

gitlab gitlabMatch15.0.0enterprise

[
  {
    "product": "GitLab",
    "vendor": "GitLab",
    "versions": [
      {
        "status": "affected",
        "version": ">=15.0.0, <15.0.1"
      },
      {
        "status": "affected",
        "version": ">=14.10.0, <14.10.4"
      },
      {
        "status": "affected",
        "version": ">=12.0.0, <14.9.5"
      }
    ]
  }
]