VYPR
Unrated severityNVD Advisory· Published Mar 28, 2022· Updated Aug 2, 2024

CVE-2022-0344

CVE-2022-0344

Description

An issue has been discovered in GitLab affecting all versions starting from 10.0 before 14.5.4, all versions starting from 10.1 before 14.6.4, all versions starting from 10.2 before 14.7.1. Private project paths can be disclosed to unauthorized users via system notes when an Issue is closed via a Merge Request and later moved to a public project

Affected products

3
  • GitLab Inc./GitLabllm-fuzzy2 versions
    before 14.5.4, before 14.6.4, before 14.7.1+ 1 more
    • (no CPE)range: before 14.5.4, before 14.6.4, before 14.7.1
    • (no CPE)range: >=10.0, <14.5.4
  • osv-coords
    Range: >= 10.0.0, < 14.5.4

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.