Unrated severityNVD Advisory· Published Jul 1, 2022· Updated Aug 3, 2024
CVE-2022-2229
CVE-2022-2229
Description
An improper authorization issue in GitLab CE/EE affecting all versions from 13.7 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 allows an attacker to extract the value of an unprotected variable they know the name of in public projects or private projects they're a member of.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3>=13.7, <14.10.5; >=15.0, <15.0.4; >=15.1, <15.1.1+ 1 more
- (no CPE)range: >=13.7, <14.10.5; >=15.0, <15.0.4; >=15.1, <15.1.1
- (no CPE)range: >=13.7, <14.10.5
Patches
Vulnerability mechanics
References
3- gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2229.jsonmitrex_refsource_CONFIRM
- gitlab.com/gitlab-org/gitlab/-/issues/355738mitrex_refsource_MISC
- hackerone.com/reports/1511133mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.