Ubuntu.comUB:CVE-2022-4376CVE-2022-4376
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS
Percentile
50.4%
An issue has been discovered in GitLab affecting all versions before
15.9.6, all versions starting from 15.10 before 15.10.5, all versions
starting from 15.11 before 15.11.1. Under certain conditions, an attacker
may be able to map a private email of a GitLab user to their GitLab account
on an instance.
References
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
EPSS
Percentile
50.4%