3 matches found
GitLab 13.2 < 14.8.6 / 14.9 < 14.9.4 / 14.10 < 14.10.1 (CVE-2022-1545)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - It was possible to disclose details of confidential notes created via the API in Gitlab CE/EE affecting all versions from 13.2 prior to 14.8.6, 14.9 prior to 14.9.4, and 14.10 prior to 14.10.1 if an...
Three new API exploits causes GitLab data privacy and availability issues
On May 10, 2022, and May 11, 2022, CVE-2022-1352 CVE-2021-1431, and CVE-2022-1545 were fixed and published on Gitlab-ORG public repository. There are no technical details or exploits yet, but according to the high-level description and titles, they gonna be critical Gitlab API vulnerabilities tha...
CVE-2022-1545
GitLab CE/EE information-disclosure vulnerability (CVE-2022-1545): an unauthorised project member tagged in a note could disclose details of confidential notes created via the API. Affected versions include GitLab 13.2 up to 14.8.6, 14.9 up to 14.9.4, and 14.10 up to 14.10.1. Remediation is upgra...