Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

CVE-2022-3820

🗓️ 26 Jan 2023 21:58:15Reported by GitLabType 
cve
 cve🔗 web.nvd.nist.gov👁 68 Views

An issue in GitLab affecting versions 15.4 - 15.5.2 allows misuse of Deploy Token

Show more

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Related
Detection
Affected
Refs
ReporterTitlePublishedViews
Family
OSV		UBUNTU-CVE-2022-3820
26 Jan 202321:15
osv
OSV		CVE-2022-3820
26 Jan 202321:15
osv
OSV		BIT-GITLAB-2022-3820
6 Mar 202411:13
osv
Veracode		Improper Authentication
23 Jul 202300:40
veracode
Tenable Nessus		GitLab 15.4 < 15.4.6 / 15.5 < 15.5.5 / 15.6 < 15.6.1 (CVE-2022-3820)
12 Jan 202300:00
nessus
Tenable Nessus		FreeBSD : Gitlab -- Multiple Vulnerabilities (3cde510a-7135-11ed-a28b-bff032704f00)
1 Dec 202200:00
nessus
Debian CVE		CVE-2022-3820
26 Jan 202321:15
debiancve
UbuntuCve		CVE-2022-3820
26 Jan 202300:00
ubuntucve
Cvelist		CVE-2022-3820
24 Jan 202300:00
cvelist
Prion		Authentication flaw
26 Jan 202321:15
prion
Rows per page
Nvd
Vulners
Node
gitlabgitlabRange15.4.015.4.6community
OR
gitlabgitlabRange15.4.015.4.6enterprise
OR
gitlabgitlabRange15.5.015.5.5community
OR
gitlabgitlabRange15.5.015.5.5enterprise
OR
gitlabgitlabMatch15.6.0community
OR
gitlabgitlabMatch15.6.0enterprise
[
  {
    "vendor": "GitLab",
    "product": "GitLab",
    "versions": [
      {
        "version": ">=15.4, <15.4.6",
        "status": "affected"
      },
      {
        "version": ">=15.5, <15.5.5",
        "status": "affected"
      },
      {
        "version": ">=15.6, <15.6.1",
        "status": "affected"
      }
    ]
  }
]

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
26 Jan 2023 21:15Current
6.1Medium risk
Vulners AI Score6.1
CVSS36.5
EPSS0.00027
SSVC
CWE-290
gitlabcve-2022-3820issueauthenticationpackage registriesip address restrictionsdeploy tokensecurity vulnerability
68
.json
Report