CVE-2022-2281

Sažetak

An information disclosure vulnerability in GitLab EE affecting all versions from 12.5 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allows disclosure of release titles if group milestones are associated with any project releases.

Reference

https://hackerone.com/reports/1012659
https://gitlab.com/gitlab-org/gitlab/-/issues/271172
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2281.json

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

13-07-2022 - 18:32

Objavljeno

01-07-2022 - 16:15