GitLab 10.0 < 15.5.7 / 15.6 < 15.6.4 / 15.7 < 15.7.2 (CVE-2022-3870)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.0 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. GitL...

GitLab < 15.5.7 / 15.6 < 15.6.4 / 15.7 < 15.7.2 (CVE-2022-3870)

The version of GitLab installed on the remote host is prior to 15.5.7, 15.6.4, 15.7.2. It is, therefore, affected by an information disclosure vulnerability as referenced in the SECURITY-RELEASE-GITLAB-15-7-2-RELEASED advisory. - An issue has been discovered in GitLab CE/EE affecting all versions...

CVE-2022-3870

creationtimestamp| type| source ---|---|--- 2023-01-12 07:29:57+00:00| seen| https://t.me/cibsecurity/56407...

CVE-2022-3870

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.0 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. GitLab allows unauthenticated users to download user avatars using the victim's user ID, on private...

CVE-2022-3870

GitLab CE/EE (versions 10.0–15.5.6, 15.6.0–15.6.3, 15.7.0–15.7.1) is affected by CVE-2022-3870. The vulnerability allows unauthenticated users on private instances to download a user’s avatar using the victim’s user ID, indicating an information disclosure issue. The root cause is a misconfigurat...

CVE-2022-3870

An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.0 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. GitLab allows unauthenticated users to download user avatars using the victim's user ID, on private...