VYPR
Unrated severityNVD Advisory· Published Apr 4, 2022· Updated Aug 2, 2024

CVE-2022-1111

CVE-2022-1111

Description

A business logic error in Project Import in GitLab CE/EE versions 14.9 prior to 14.9.2, 14.8 prior to 14.8.5, and 14.0 prior to 14.7.7 under certain conditions caused imported projects to show an incorrect user in the 'Access Granted' column in the project membership pages

Affected products

3
  • GitLab Inc./GitLabllm-fuzzy2 versions
    >=14.0, <14.7.7, >=14.8, <14.8.5, >=14.9, <14.9.2+ 1 more
    • (no CPE)range: >=14.0, <14.7.7, >=14.8, <14.8.5, >=14.9, <14.9.2
    • (no CPE)range: >=14.9, <14.9.2
  • osv-coords
    Range: >= 14.0.0, < 14.7.7

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.