6 matches found
GitLab 14.0.x < 14.10.5, 15.0.x < 15.0.4, 15.1.x < 15.1.1 Command Injection Vulnerability
GitLab is prone to a command injection vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if...
GitLab 14.0 < 14.10.5 / 15.0 < 15.0.4 / 15.1 < 15.1.1 (CVE-2022-2185)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A critical issue has been discovered in GitLab affecting all versions starting from 14.0 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 where an authenticated user authorized to impo...
CVE-2022-2185
creationtimestamp| type| source ---|---|--- 2022-07-01 20:43:02+00:00| seen| https://t.me/cibsecurity/45497 2022-07-02 18:02:03+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/2623 2022-07-22 02:12:45+00:00| published-proof-of-concept| https://t.me/thebugbountyhunter/6381 2022-08-13...
CVE-2022-2185
A critical issue has been discovered in GitLab affecting all versions starting from 14.0 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 where an authenticated user authorized to import projects could import a maliciously crafted project leading to remote code execution...
CVE-2022-2185
CVE-2022-2185 affects GitLab CE/EE: 14.0–14.10.4, 15.0–15.0.3, and 15.1–15.1.0 (vulnerable); fixed in later releases. An authenticated user authorized to import projects can supply a maliciously crafted project that is imported, leading to remote code execution on the server. The practical impact...
CVE-2022-2185
Removed by vendor...