Lucene search
HistoryOct 17, 2022 - 4:15 p.m.
CVE-2022-3330
gitlab
unauthorized access
cve-2022-3330
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
0.001 Low
EPSS
Percentile
23.0%
It was possible for a guest user to read a todo targeting an inaccessible note in Gitlab CE/EE affecting all versions from 15.0 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1.
Affected configurations
Node
gitlabgitlabRange15.0.0–15.2.5community
ORgitlabgitlabRange15.0.0–15.2.5enterprise
ORgitlabgitlabRange15.3–15.3.4community
ORgitlabgitlabRange15.3–15.3.4enterprise
ORgitlabgitlabRange15.4–15.4.1community
ORgitlabgitlabRange15.4–15.4.1enterprise
Related
osv
osv
BIT-gitlab-2022-3330
2024-03-06 11:14:21
CVE-2022-3330
2022-10-17 16:15:22
veracode
veracode
Information Disclosure
2023-07-23 12:36:08
debiancve
debiancve
CVE-2022-3330
2022-10-17 16:15:22
nessus
nessus
GitLab 15.0 < 15.2.5 / 15.3 < 15.3.4 / 15.4 < 15.4.1 (CVE-2022-3330)
2022-10-14 00:00:00
ubuntucve
ubuntucve
CVE-2022-3330
2022-10-17 00:00:00
prion
prion
Design/Logic Flaw
2022-10-17 16:15:00
cvelist
cvelist
CVE-2022-3330
2022-10-17 00:00:00
cve
cve
CVE-2022-3330
2022-10-17 16:15:22
freebsd
freebsd
Gitlab -- Multiple vulnerabilities
2022-09-29 00:00:00
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
0.001 Low
EPSS
Percentile
23.0%
Related for NVD:CVE-2022-3330