Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2022-1423HistoryMay 19, 2022 - 6:15 p.m.
CVE-2022-1423
2022-05-1918:15:00
Debian Security Bug Tracker
security-tracker.debian.org
24
0.002 Low
EPSS
Percentile
60.6%
Improper access control in the CI/CD cache mechanism in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 allows a malicious actor with Developer privileges to perform cache poisoning leading to arbitrary code execution in protected branches
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 999 | all | gitlab | < 15.10.8+ds1-2 | gitlab_15.10.8+ds1-2_all.deb |
Related
cve
cve
CVE-2022-1423
2022-05-19 18:15:00
ubuntucve
ubuntucve
CVE-2022-1423
2022-05-19 00:00:00
osv
osv
BIT-gitlab-2022-1423
2024-03-06 11:16:03
CVE-2022-1423
2022-05-19 18:15:09
cvelist
cvelist
CVE-2022-1423
2022-05-19 17:12:32
prion
prion
Improper access control
2022-05-19 18:15:00
veracode
veracode
Remote Code Execution (RCE)
2023-07-23 08:25:59
nessus
nessus
GitLab 1.0.2 < 14.8.6 (CVE-2022-1423)
2024-01-03 00:00:00
GitLab 1.0.2 < 14.8.6 Multiple Vulnerabilities
2022-05-06 00:00:00
openvas
openvas
wallarmlab
wallarmlab
GitLab Security Issues: Six Months of Vulnerabilities
2022-08-01 13:31:27