Lucene search
Ubuntu.comUB:CVE-2022-3793HistoryNov 10, 2022 - 12:00 a.m.
CVE-2022-3793
2022-11-1000:00:00
ubuntu.com
ubuntu.com
21
gitlab ce/ee
authorization issue
unauthorized access
ci/cd configuration files
cve-2022-3793
unix
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS
0.001
Percentile
33.5%
An improper authorization issue in GitLab CE/EE affecting all versions from
14.4 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows
an attacker to read variables set directly in a GitLab CI/CD configuration
file they don’t have access to.
Related
prion
prion
Authorization
2022-11-10 00:15:00
osv
osv
CVE-2022-3793
2022-11-10 00:15:22
BIT-gitlab-2022-3793
2024-03-06 11:13:51
debiancve
debiancve
CVE-2022-3793
2022-11-10 00:15:22
nvd
nvd
CVE-2022-3793
2022-11-10 00:15:22
veracode
veracode
Improper Authorization
2023-07-22 23:40:14
cvelist
cvelist
CVE-2022-3793
2022-11-09 00:00:00
nessus
nessus
GitLab 12.6 < 15.3.5 / 15.4 < 15.4.4 / 15.5 < 15.5.2 (CVE-2022-3793)
2022-11-10 00:00:00
cve
cve
CVE-2022-3793
2022-11-10 00:15:22
openvas
openvas
GitLab 12.6 < 15.3.5, 15.4 < 15.4.4, 15.5 < 15.5.2 Multiple Vulnerabilities
2022-11-11 00:00:00
freebsd
freebsd
Gitlab -- Multiple vulnerabilities
2022-11-02 00:00:00
CVSS3
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS
0.001
Percentile
33.5%
Related for UB:CVE-2022-3793