Lucene search
Veracode Vulnerability DatabaseVERACODE:42161HistoryAug 06, 2023 - 5:37 a.m.
Authorization Bypass
2023-08-0605:37:17
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
gitlab
authorization bypass
vulnerability
branch/tag confusion
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
EPSS
0.001
Percentile
34.8%
gitlab is vulnerable to Authorization Bypasses. A branch/tag name confusion allows an attacker to manipulate pages where the content of the default branch would be expected.
Related
osv
osv
BIT-gitlab-2022-3288
2024-03-06 11:14:26
CVE-2022-3288
2022-10-17 16:15:22
cvelist
cvelist
CVE-2022-3288
2022-10-17 00:00:00
nessus
nessus
GitLab < 15.2.5 (CVE-2022-3288)
2022-10-14 00:00:00
debiancve
debiancve
CVE-2022-3288
2022-10-17 16:15:22
cve
cve
CVE-2022-3288
2022-10-17 16:15:22
prion
prion
Design/Logic Flaw
2022-10-17 16:15:00
nvd
nvd
CVE-2022-3288
2022-10-17 16:15:22
ubuntucve
ubuntucve
CVE-2022-3288
2022-10-17 00:00:00
freebsd
freebsd
Gitlab -- Multiple vulnerabilities
2022-09-29 00:00:00
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
EPSS
0.001
Percentile
34.8%
Related for VERACODE:42161