CVE-2022-2497 – An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.6 bef …

5 August 2022

Vuln ID: CVE-2022-2497

Published: 2022-08-05 16:15:12Z

Description: An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.6 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. A malicious maintainer could exfiltrate an integration’s access token by modifying the integration URL such that authenticated requests are sent to an attacker controlled server.

Source: NVD.NIST.GOV

Date:

5 August 2022

Categorie(s):

NVD

Tag(s):

NVD

A Comprehensive Cyber Guide: Best Practices for Small Businesses25 April 2024
Applying DevSecOps principles to machine learning workloads25 April 2024
Overcoming GenAI challenges in healthcare cybersecurity25 April 2024
25 cybersecurity AI stats you should know25 April 2024
73% of SME security pros missed or ignored critical alerts25 April 2024