9 matches found

RedhatCVE
added 2025/02/05 9:17 p.m. | 10 views

CVE-2022-2992

A vulnerability in GitLab CE/EE affecting all versions from 11.10 prior to 15.1.6, 15.2 to 15.2.4, 15.3 to 15.3.2 allows an authenticated user to achieve remote code execution via the Import from GitHub API endpoint...

CVSS 9.9 | AI score 7.1 | EPSS 0.91193
Exploits 5 | References 1

OSV
added 2024/03/06 11:14 a.m. | 20 views

BIT-GITLAB-2022-2884

A vulnerability in GitLab CE/EE affecting all versions from 11.3.4 prior to 15.1.5, 15.2 to 15.2.3, 15.3 to 15.3.1 allows an authenticated user to achieve remote code execution via the Import from GitHub API endpoint...

CVSS 9.9 | AI score 9.5 | EPSS 0.30029
Exploits 4 | References 5

OSV
added 2024/03/06 11:14 a.m. | 27 views

BIT-GITLAB-2022-2992

A vulnerability in GitLab CE/EE affecting all versions from 11.10 prior to 15.1.6, 15.2 to 15.2.4, 15.3 to 15.3.2 allows an authenticated user to achieve remote code execution via the Import from GitHub API endpoint...

CVSS 9.9 | AI score 9.5 | EPSS 0.91193
Exploits 5 | References 5

OSV
added 2022/10/17 4:15 p.m. | 0 views

UBUNTU-CVE-2022-2992

A vulnerability in GitLab CE/EE affecting all versions from 11.10 prior to 15.1.6, 15.2 to 15.2.4, 15.3 to 15.3.2 allows an authenticated user to achieve remote code execution via the Import from GitHub API endpoint...

CVSS 9.9 | AI score 7.8 | EPSS 0.91193
Exploits 5 | References 3

CVE
added 2022/10/17 12:0 a.m. | 2116 views

CVE-2022-2992

CVE-2022-2992 is a GitLab GitHub Import API deserialization flaw that enables authenticated users to trigger remote code execution. Affected products are GitLab CE/EE with versions 11.10–11.10.x? (per the wording) and all releases prior to 15.1.6, 15.2 up to 15.2.4, and 15.3 up to 15.3.2. The roo...

CVSS 9.9 | AI score 9.4 | EPSS 0.91193
Exploits 5 | References 4 | Affected Software 1

OSV
added 2022/10/17 12:0 a.m. | 24 views

CVE-2022-2992

A vulnerability in GitLab CE/EE affecting all versions from 11.10 prior to 15.1.6, 15.2 to 15.2.4, 15.3 to 15.3.2 allows an authenticated user to achieve remote code execution via the Import from GitHub API endpoint...

CVSS 9.9 | AI score 9.6 | EPSS 0.91193
Exploits 5 | References 6

NCSC
added 2022/08/31 12:0 a.m. | 6 views

Vulnerabilities fixed in GitLab CE and EE

Vulnerabilities have been fixed in GitLab Community Edition and Enterprise Edition. The vulnerabilities allow a malicious person to perform attacks that result in the following categories of damage: Cross-Site Scripting (XSS), Denial-of-Service (DoS), Manipulation of data, Bypassing...

CVSS 9.9 | AI score 7.7 | EPSS 0.91193
Exploits 5

OpenVAS
added 2022/08/24 12:0 a.m. | 11 views

GitLab 11.3.4 < 15.1.5, 15.2.x < 15.2.3, 15.3.x < 15.3.1 RCE Vulnerability

GitLab is prone to a remote command execution (RCE) vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; ...

CVSS 9.9 | AI score 9.5 | EPSS 0.30029
Exploits 4 | References 2

NCSC
added 2022/08/23 12:0 a.m. | 2 views

Vulnerabilities fixed in GitLab Enterprise Edition and GitLab Community Edition

GitLab has fixed a vulnerability in GitLab Enterprise Edition and GitLab Community Edition. An authenticated malicious party could exploit the vulnerability via the 'Import from GitHub' API endpoint to execute arbitrary code with permissions from the application and...

CVSS 9.9 | AI score 7.8 | EPSS 0.30029
Exploits 4