Lucene search
PRIOn knowledge basePRION:CVE-2022-3820HistoryJan 26, 2023 - 9:15 p.m.
Authentication flaw
2023-01-2621:15:00
PRIOn knowledge base
www.prio-n.com
4
gitlab
authentication
flaw
deploy token
ip address restrictions
package registries
attacker
An issue has been discovered in GitLab affecting all versions starting from 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2. GitLab was not performing correct authentication with some Package Registries when IP address restrictions were configured, allowing an attacker already in possession of a valid Deploy Token to misuse it from any location.
Related
cve
cve
CVE-2022-3820
2023-01-26 21:15:58
veracode
veracode
Improper Authentication
2023-07-23 00:40:51
nessus
nessus
GitLab 15.4 < 15.4.6 / 15.5 < 15.5.5 / 15.6 < 15.6.1 (CVE-2022-3820)
2023-01-12 00:00:00
debiancve
debiancve
CVE-2022-3820
2023-01-26 21:15:58
osv
osv
CVE-2022-3820
2023-01-26 21:15:58
BIT-gitlab-2022-3820
2024-03-06 11:13:45
cvelist
cvelist
CVE-2022-3820
2023-01-24 00:00:00
ubuntucve
ubuntucve
CVE-2022-3820
2023-01-26 00:00:00
nvd
nvd
CVE-2022-3820
2023-01-26 21:15:58
freebsd
freebsd
Gitlab -- Multiple Vulnerabilities
2022-11-30 00:00:00