Lucene search
PRIOn knowledge basePRION:CVE-2022-3870HistoryJan 12, 2023 - 4:15 a.m.
Design/Logic Flaw
2023-01-1204:15:00
PRIOn knowledge base
www.prio-n.com
5
gitlab
unauthorized access
user avatars
security flaw
An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.0 before 15.5.7, all versions starting from 15.6 before 15.6.4, all versions starting from 15.7 before 15.7.2. GitLab allows unauthenticated users to download user avatars using the victim’s user ID, on private instances that restrict public level visibility.
Related
cve
cve
CVE-2022-3870
2023-01-12 04:15:08
debiancve
debiancve
CVE-2022-3870
2023-01-12 04:15:08
nessus
nessus
GitLab < 15.5.7 / 15.6 < 15.6.4 / 15.7 < 15.7.2 (CVE-2022-3870)
2023-02-08 00:00:00
GitLab 10.0 < 15.5.7 / 15.6 < 15.6.4 / 15.7 < 15.7.2 (CVE-2022-3870)
2024-01-03 00:00:00
cvelist
cvelist
CVE-2022-3870
2023-01-12 00:00:00
nvd
nvd
CVE-2022-3870
2023-01-12 04:15:08
osv
osv
BIT-gitlab-2022-3870
2024-03-06 11:13:43
CVE-2022-3870
2023-01-12 04:15:08
veracode
veracode
Information Disclosure
2023-07-23 00:58:47
ubuntucve
ubuntucve
CVE-2022-3870
2023-01-12 00:00:00
freebsd
freebsd
Gitlab -- Multiple Vulnerabilities
2023-01-09 00:00:00