9 matches found
CVE-2022-2251
Improper sanitization of branch names in GitLab Runner affecting all versions prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a user who creates a branch with a specially crafted name and gets another user to trigger a pipeline to execute commands in the runner as that othe...
CVE-2022-2251
Improper sanitization of branch names in GitLab Runner affecting all versions prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a user who creates a branch with a specially crafted name and gets another user to trigger a pipeline to execute commands in the runner as that othe...
CVE-2022-2251
Improper sanitization of branch names in GitLab Runner affecting all versions prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a user who creates a branch with a specially crafted name and gets another user to trigger a pipeline to execute commands in the runner as that othe...
CVE-2022-2251
Improper sanitization of branch names in GitLab Runner affecting all versions prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a user who creates a branch with a specially crafted name and gets another user to trigger a pipeline to execute commands in the runner as that othe...
CVE-2022-2251
Improper sanitization of branch names in GitLab Runner affecting all versions prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a user who creates a branch with a specially crafted name and gets another user to trigger a pipeline to execute commands in the runner as that othe...
CVE-2022-2251
GitLab Runner (GitLab) suffers from an OS command injection due to improper sanitization/cleanup of branch names. A user can create a specially crafted branch name and cause another user’s pipeline to execute commands in the runner as that user. Affected versions are prior to 15.3.5, 15.4 prior t...
CVE-2022-2251
Removed by vendor...
FreeBSD : Gitlab -- Multiple vulnerabilities (16f7ec68-5cce-11ed-9be7-454b1dd82c64)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 16f7ec68-5cce-11ed-9be7-454b1dd82c64 advisory. - Gitlab reports: DAST analyzer sends custom request headers with every request Stored-XSS wit...
GitLab 0.0 < 15.3.5 / 15.4 < 15.4.4 / 15.5 < 15.5.2 (CVE-2022-2251)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Improper sanitization of branch names in GitLab Runner affecting all versions prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a user who creates a branch with a specially crafte...