Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2022-0427

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing sanitization of HTML attributes in Jupyter notebooks in all versions of GitLab CE/EE since version 14.5 allows an attacker to perform arbitrary HTTP POS...

8.8CVSS8.1AI score0.00815EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/01/03 12:0 a.m.24 views

GitLab 14.5 < 14.5.4 / 14.6 < 14.6.4 / 14.7 < 14.7.1 (CVE-2022-0427)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Missing sanitization of HTML attributes in Jupyter notebooks in all versions of GitLab CE/EE since version 14.5 allows an attacker to perform arbitrary HTTP POST requests on a user's behalf leading to...

8.8CVSS8.2AI score0.00815EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2022/03/28 7:15 p.m.28 views

CVE-2022-0427

Missing sanitization of HTML attributes in Jupyter notebooks in all versions of GitLab CE/EE since version 14.5 allows an attacker to perform arbitrary HTTP POST requests on a user's behalf leading to potential account takeover...

8.8CVSS7.2AI score0.00815EPSS
Exploits1References4
CVE
CVE
added 2022/03/28 6:53 p.m.99 views

CVE-2022-0427

CVE-2022-0427 affects GitLab CE/EE (all versions since 14.5) due to missing sanitization of HTML attributes in Jupyter notebooks. The underlying issue can let an attacker cause arbitrary HTTP POST requests on behalf of an affected user, enabling potential account takeover. Exploitation details, a...

8.8CVSS8.3AI score0.00815EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/03/28 6:53 p.m.13 views

CVE-2022-0427

Missing sanitization of HTML attributes in Jupyter notebooks in all versions of GitLab CE/EE since version 14.5 allows an attacker to perform arbitrary HTTP POST requests on a user's behalf leading to potential account takeover...

7.7CVSS6.4AI score0.00815EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2022/03/28 6:53 p.m.41 views

CVE-2022-0427

Removed by vendor...

8.8CVSS7.3AI score0.00815EPSS
Exploits1
Rows per page
Query Builder