Lucene search
GitLabCVELIST:CVE-2022-0093HistoryJan 18, 2022 - 4:52 p.m.
CVE-2022-0093
2022-01-1816:52:07
GitLab
www.cve.org
5
gitlab
security issue
expired password
CVSS3
3.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
AI Score
5.1
Confidence
High
EPSS
0.001
Percentile
29.6%
An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, and between 14.6.0 and 14.6.1. GitLab allows a user with an expired password to access sensitive information through RSS feeds.
CNA Affected
[
{
"product": "GitLab",
"vendor": "GitLab",
"versions": [
{
"status": "affected",
"version": "<14.4.5"
},
{
"status": "affected",
"version": ">=14.5.0, <14.5.3"
},
{
"status": "affected",
"version": ">=14.6.0, <14.6.1"
}
]
}
]Related
prion
prion
Design/Logic Flaw
2022-01-18 17:15:00
nvd
nvd
CVE-2022-0093
2022-01-18 17:15:09
cve
cve
CVE-2022-0093
2022-01-18 17:15:09
osv
osv
CVE-2022-0093
2022-01-18 17:15:09
BIT-gitlab-2022-0093
2024-03-06 11:17:10
nessus
nessus
GitLab < 14.4.5 (CVE-2022-0093)
2022-04-20 00:00:00
veracode
veracode
Information Disclosure
2023-08-06 20:43:07
ubuntucve
ubuntucve
CVE-2022-0093
2022-01-18 00:00:00
debiancve
debiancve
CVE-2022-0093
2022-01-18 17:15:09
freebsd
freebsd
Gitlab -- Multiple Vulnerabilities
2022-01-11 00:00:00
CVSS3
3.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
AI Score
5.1
Confidence
High
EPSS
0.001
Percentile
29.6%
Related for CVELIST:CVE-2022-0093