Unrated severityNVD Advisory· Published May 11, 2022· Updated Aug 3, 2024
CVE-2022-1352
CVE-2022-1352
Description
Due to an insecure direct object reference vulnerability in Gitlab EE/CE affecting all versions from 11.0 prior to 14.8.6, 14.9 prior to 14.9.4, and 14.10 prior to 14.10.1, an endpoint may reveal the issue title to a user who crafted an API call with the ID of the issue from a public project that restricts access to issue only to project members.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: >=11.0, <14.8.6
Patches
Vulnerability mechanics
References
3- gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1352.jsonmitrex_refsource_CONFIRM
- gitlab.com/gitlab-org/gitlab/-/issues/350691mitrex_refsource_MISC
- hackerone.com/reports/1450306mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.