Lucene search
GoogleOSV:CVE-2022-1352HistoryMay 11, 2022 - 3:15 p.m.
CVE-2022-1352
2022-05-1115:15:08
Google
osv.dev
5
cve-2022-1352
gitlab
direct object reference
Due to an insecure direct object reference vulnerability in Gitlab EE/CE affecting all versions from 11.0 prior to 14.8.6, 14.9 prior to 14.9.4, and 14.10 prior to 14.10.1, an endpoint may reveal the issue title to a user who crafted an API call with the ID of the issue from a public project that restricts access to issue only to project members.
Related
ubuntucve
ubuntucve
CVE-2022-1352
2022-05-11 00:00:00
nvd
nvd
CVE-2022-1352
2022-05-11 15:15:08
prion
prion
Design/Logic Flaw
2022-05-11 15:15:00
cvelist
cvelist
CVE-2022-1352
2022-05-11 14:30:02
nessus
nessus
GitLab 11.0 < 14.8.6 / 14.9 < 14.9.4 / 14.10 < 14.10.1 (CVE-2022-1352)
2022-05-18 00:00:00
debiancve
debiancve
CVE-2022-1352
2022-05-11 15:15:08
cve
cve
CVE-2022-1352
2022-05-11 15:15:08
veracode
veracode
Insecure Direct Object Reference
2023-07-23 03:44:05
osv
osv
BIT-gitlab-2022-1352
2024-03-06 11:16:10
openvas
openvas
wallarmlab
wallarmlab
Three new API exploits causes GitLab data privacy and availability issues
2022-05-16 15:36:42