Lucene search
GitLabCVELIST:CVE-2022-4206HistoryFeb 01, 2023 - 12:00 a.m.
CVE-2022-4206
2023-02-0100:00:00
GitLab
www.cve.org
3
sensitive information
dast api scanner
authorization header
CVSS3
5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
AI Score
6.7
Confidence
High
EPSS
0.001
Percentile
33.1%
A sensitive information leak issue has been discovered in all versions of DAST API scanner from 1.6.50 prior to 2.0.102, exposing the Authorization header in the vulnerability report
CNA Affected
[
{
"vendor": "GitLab",
"product": "DAST API scanner",
"versions": [
{
"version": ">=1.6.50, <2.0.102",
"status": "affected"
}
]
}
]Related
debiancve
debiancve
CVE-2022-4206
2023-02-01 03:15:08
prion
prion
Authorization
2023-02-01 03:15:00
cve
cve
CVE-2022-4206
2023-02-01 03:15:08
ubuntucve
ubuntucve
CVE-2022-4206
2023-02-01 00:00:00
veracode
veracode
Information Disclosure
2023-08-07 00:12:33
nvd
nvd
CVE-2022-4206
2023-02-01 03:15:08
freebsd
freebsd
Gitlab -- Multiple Vulnerabilities
2022-11-30 00:00:00
nessus
nessus
CVSS3
5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
AI Score
6.7
Confidence
High
EPSS
0.001
Percentile
33.1%
Related for CVELIST:CVE-2022-4206