Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2022-3740HistoryJan 26, 2023 - 9:15 p.m.
CVE-2022-3740
2023-01-2621:15:00
Debian Security Bug Tracker
security-tracker.debian.org
7
0.002 Low
EPSS
Percentile
56.2%
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2. A group owner may be able to bypass External Authorization check, if it is enabled, to access git repositories and package registries by using Deploy tokens or Deploy keys .
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 999 | all | gitlab | < 15.10.8+ds1-2 | gitlab_15.10.8+ds1-2_all.deb |
Related
osv
osv
CVE-2022-3740
2023-01-26 21:15:58
BIT-gitlab-2022-3740
2024-03-06 11:13:57
prion
prion
Authorization
2023-01-26 21:15:00
cvelist
cvelist
CVE-2022-3740
2023-01-24 00:00:00
veracode
veracode
Information Disclosure
2023-07-22 21:36:18
nessus
nessus
GitLab 12.9 < 15.4.6 / 15.5 < 15.5.5 / 15.6 < 15.6.1 (CVE-2022-3740)
2023-01-16 00:00:00
ubuntucve
ubuntucve
CVE-2022-3740
2023-01-26 00:00:00
cve
cve
CVE-2022-3740
2023-01-26 21:15:00
freebsd
freebsd
Gitlab -- Multiple Vulnerabilities
2022-11-30 00:00:00