GitLab CE/EE - Remote Code Execution CVE-2022-2185

Severity
CVSSv3 Score: 8.8
Vulnerability description

GitLab CE/EE versions 14.0 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 are susceptible to remote code execution. An authenticated user who is authorized to import projects can import a maliciously crafted project and may thereby be able to execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering the necessary credentials.

Risk description

No risk description to display.

Recommendation

Apply the latest security patches provided by GitLab to mitigate this vulnerability.

Codename: Not available
Detectable with: Network Scanner
Scan engine: Nuclei
Exploitable with Sniper: No
CVE Published: Jul 1, 2022
Detection added at:
Software Type: Not available
Vendor: Not available
Product: Not available