Lucene search
Veracode Vulnerability DatabaseVERACODE:42147HistoryAug 06, 2023 - 4:19 a.m.
Information Disclosure
2023-08-0604:19:48
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
17
gitlab
datadog
integration
api key
disclosure
vulnerability
webhook logs
sensitive information
project maintainer
CVSS3
6.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
EPSS
0.001
Percentile
34.6%
gitlab is vulnerable to Information Disclosure. The vulnerability allows a project maintainer to access the DataDog integration API key from webhook logs resulting in disclosure of sensitive information.
Related
debiancve
debiancve
CVE-2022-3018
2022-10-28 15:15:15
osv
osv
BIT-gitlab-2022-3018
2024-03-06 11:14:41
CVE-2022-3018
2022-10-28 15:15:15
ubuntucve
ubuntucve
CVE-2022-3018
2022-10-28 00:00:00
nvd
nvd
CVE-2022-3018
2022-10-28 15:15:15
nessus
nessus
GitLab 9.3 < 15.2.5 / 15.3 < 15.3.4 / 15.4 < 15.4.1 (CVE-2022-3018)
2022-10-07 00:00:00
prion
prion
Information disclosure
2022-10-28 15:15:00
cvelist
cvelist
CVE-2022-3018
2022-10-28 00:00:00
cve
cve
CVE-2022-3018
2022-10-28 15:15:15
wallarmlab
wallarmlab
Q4-2022 API ThreatStatsโข Report
2023-02-22 16:02:55
freebsd
freebsd
Gitlab -- Multiple vulnerabilities
2022-09-29 00:00:00
CVSS3
6.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
EPSS
0.001
Percentile
34.6%
Related for VERACODE:42147