Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2022-2185
HistoryJul 01, 2022 - 4:15 p.m.

CVE-2022-2185

2022-07-0116:15:00
CWE-78
[email protected]
web.nvd.nist.gov
140
8
gitlab
vulnerability
remote code execution
cve-2022-2185
nvd

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.5 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.634 Medium

EPSS

Percentile

97.8%

JSON

A critical issue has been discovered in GitLab affecting all versions starting from 14.0 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 where an authenticated user authorized to import projects could import a maliciously crafted project leading to remote code execution.

Social References

More

Related

githubexploit 2
cvelist 1
osv 2
veracode 1
hackerone 2
checkpoint_advisories 1
nessus 2
cnvd 1
openvas 1
prion 1
ubuntucve 1
debiancve 1
nuclei 1
wallarmlab 1
freebsd 1
githubexploit
githubexploit
Exploit for OS Command Injection in Gitlab
2022-07-29 11:14:03
Exploit for OS Command Injection in Gitlab
2022-07-02 07:58:01
cvelist
cvelist
CVE-2022-2185
2022-07-01 15:50:03
osv
osv
BIT-gitlab-2022-2185
2024-03-06 11:15:35
CVE-2022-2185
2022-07-01 16:15:08
veracode
veracode
Remote Code Execution (RCE)
2023-08-06 22:42:08
hackerone
hackerone
GitLab: RCE via the DecompressedArchiveSizeValidator and Project BulkImports (behind feature flag)
2022-06-23 03:05:28
GitLab: Unauthorized access
2022-08-14 23:06:00
checkpoint_advisories
checkpoint_advisories
GitLab Community and Enterprise Edition Command Injection (CVE-2022-2185)
2022-11-17 00:00:00
nessus
nessus
GitLab 14.0 < 14.10.5 / 15.0 < 15.0.4 / 15.1 < 15.1.1 (CVE-2022-2185)
2022-07-07 00:00:00
FreeBSD : Gitlab -- multiple vulnerabilities (d1b35142-ff4a-11ec-8be3-001b217b3468)
2022-07-09 00:00:00
cnvd
cnvd
GitLab Remote Code Execution Vulnerability
2022-07-01 00:00:00
openvas
openvas
GitLab 14.0.x < 14.10.5, 15.0.x < 15.0.4, 15.1.x < 15.1.1 Command Injection Vulnerability
2022-07-07 00:00:00
prion
prion
Remote code execution
2022-07-01 16:15:00
ubuntucve
ubuntucve
CVE-2022-2185
2022-07-01 00:00:00
debiancve
debiancve
CVE-2022-2185
2022-07-01 16:15:00
nuclei
nuclei
GitLab CE/EE - Remote Code Execution
2022-09-14 16:27:45
wallarmlab
wallarmlab
GitLab Security Issues: Six Months of Vulnerabilities
2022-08-01 13:31:27
freebsd
freebsd
Gitlab -- multiple vulnerabilities
2022-06-30 00:00:00

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.5 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.634 Medium

EPSS

Percentile

97.8%

JSON
Related for CVE-2022-2185
githubexploit2cvelist1osv2veracode1hackerone2checkpoint_advisories1nessus2cnvd1openvas1prion1ubuntucve1debiancve1nuclei1wallarmlab1freebsd1