Lucene search
K

8 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-3706

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper authorization in GitLab CE/EE affecting all versions from 7.14 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a user retrying a...

4.3CVSS5.1AI score0.00508EPSS
Exploits0References2
OSV
OSV
added 2022/11/09 12:0 a.m.22 views

CVE-2022-3706

Improper authorization in GitLab CE/EE affecting all versions from 7.14 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a user retrying a job in a downstream pipeline to take ownership of the retried jobs in the upstream pipeline even if the user doesn't have access to that...

3.1CVSS4.2AI score0.00508EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2022/11/09 12:0 a.m.4 views

CVE-2022-3706

Improper authorization in GitLab CE/EE affecting all versions from 7.14 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a user retrying a job in a downstream pipeline to take ownership of the retried jobs in the upstream pipeline even if the user doesn't have access to that...

3.1CVSS6.3AI score0.00508EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/11/09 12:0 a.m.33 views

CVE-2022-3706

Improper authorization in GitLab CE/EE affecting all versions from 7.14 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a user retrying a job in a downstream pipeline to take ownership of the retried jobs in the upstream pipeline even if the user doesn't have access to that...

3.1CVSS4.9AI score0.00508EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2022/11/09 12:0 a.m.21 views

CVE-2022-3706

Removed by vendor...

4.3CVSS5.8AI score0.00508EPSS
Exploits0
CVE
CVE
added 2022/11/09 12:0 a.m.119 views

CVE-2022-3706

CVE-2022-3706 affects GitLab CE/EE: improper authorization lets a user retrying a downstream job take ownership of retried upstream jobs without access to the project. Affected versions: 7.14 up to but not including 15.3.5; 15.4 up to but not including 15.4.4; 15.5 up to but not including 15.5.2....

4.3CVSS4.4AI score0.00508EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/11/08 12:0 a.m.29 views

GitLab 7.14 < 15.3.5 / 15.4 < 15.4.4 / 15.5 < 15.5.2 (CVE-2022-3706)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Improper authorization in GitLab CE/EE affecting all versions from 7.14 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a user retrying a job in a downstream pipeline to take...

4.3CVSS5.2AI score0.00508EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/11/05 12:0 a.m.37 views

FreeBSD : Gitlab -- Multiple vulnerabilities (16f7ec68-5cce-11ed-9be7-454b1dd82c64)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 16f7ec68-5cce-11ed-9be7-454b1dd82c64 advisory. - Gitlab reports: DAST analyzer sends custom request headers with every request Stored-XSS wit...

9CVSS6.2AI score0.86326EPSS
Exploits2References15
Rows per page
Query Builder