Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2022-4201HistoryJan 27, 2023 - 10:15 p.m.
CVE-2022-4201
2023-01-2722:15:08
Debian Security Bug Tracker
security-tracker.debian.org
11
ssrf
gitlab
ce/ee
11.3-15.6.1
unix
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
0.001 Low
EPSS
Percentile
32.4%
A blind SSRF in GitLab CE/EE affecting all from 11.3 prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 allows an attacker to connect to local addresses when configuring a malicious GitLab Runner.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 999 | all | gitlab | < 15.10.8+ds1-2 | gitlab_15.10.8+ds1-2_all.deb |
Related
cvelist
cvelist
CVE-2022-4201
2023-01-27 00:00:00
nvd
nvd
CVE-2022-4201
2023-01-27 22:15:08
cve
cve
CVE-2022-4201
2023-01-27 22:15:08
veracode
veracode
Server-Side Request Forgery (SSRF)
2023-08-07 00:12:10
ubuntucve
ubuntucve
CVE-2022-4201
2023-01-27 00:00:00
nessus
nessus
GitLab 11.3 < 15.4.6 / 15.5 < 15.5.5 / 15.6 < 15.6.1 (CVE-2022-4201)
2023-01-16 00:00:00
prion
prion
Server side request forgery (ssrf)
2023-01-27 22:15:00
osv
osv
BIT-gitlab-2022-4201
2024-03-06 11:13:20
CVE-2022-4201
2023-01-27 22:15:08
freebsd
freebsd
Gitlab -- Multiple Vulnerabilities
2022-11-30 00:00:00
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
0.001 Low
EPSS
Percentile
32.4%
Related for DEBIANCVE:CVE-2022-4201