Lucene search
K

6 matches found

OpenVAS
OpenVAS
added 2022/07/07 12:0 a.m.24 views

GitLab 14.0.x < 14.10.5, 15.0.x < 15.0.4, 15.1.x < 15.1.1 Command Injection Vulnerability

GitLab is prone to a command injection vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if...

9.9CVSS9.4AI score0.76884EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/07/07 12:0 a.m.75 views

GitLab 14.0 < 14.10.5 / 15.0 < 15.0.4 / 15.1 < 15.1.1 (CVE-2022-2185)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A critical issue has been discovered in GitLab affecting all versions starting from 14.0 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 where an authenticated user authorized to impo...

9.9CVSS8.3AI score0.76884EPSS
Exploits0References4
Circl
Circl
added 2022/07/01 8:43 p.m.6 views

CVE-2022-2185

creationtimestamp| type| source ---|---|--- 2022-07-01 20:43:02+00:00| seen| https://t.me/cibsecurity/45497 2022-07-02 18:02:03+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/2623 2022-07-22 02:12:45+00:00| published-proof-of-concept| https://t.me/thebugbountyhunter/6381 2022-08-13...

9.9CVSS8.1AI score0.76884EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2022/07/01 4:15 p.m.76 views

CVE-2022-2185

A critical issue has been discovered in GitLab affecting all versions starting from 14.0 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 where an authenticated user authorized to import projects could import a maliciously crafted project leading to remote code execution...

9.9CVSS7.3AI score0.76884EPSS
Exploits0References4
CVE
CVE
added 2022/07/01 3:50 p.m.240 views

CVE-2022-2185

CVE-2022-2185 affects GitLab CE/EE: 14.0–14.10.4, 15.0–15.0.3, and 15.1–15.1.0 (vulnerable); fixed in later releases. An authenticated user authorized to import projects can supply a maliciously crafted project that is imported, leading to remote code execution on the server. The practical impact...

9.9CVSS8.5AI score0.76884EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2022/07/01 3:50 p.m.42 views

CVE-2022-2185

Removed by vendor...

9.9CVSS7.3AI score0.76884EPSS
Exploits0
Rows per page
Query Builder