CVE-2022-0740

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-0740
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-0740.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-0740
Aliases
Related
Published
2022-04-04T20:15:09Z
Modified
2024-11-21T06:39:17Z
Severity
  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
Summary
[none]
Details

Incorrect authorization in the Asana integration's branch restriction feature in all versions of GitLab CE/EE starting from version 7.8.0 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions starting from 14.9 before 14.9.2 makes it possible to close Asana tasks from unrestricted branches.

References

Affected packages

Git / gitlab.com/gitlab-org/gitlab

Affected ranges

Type
GIT
Repo
https://gitlab.com/gitlab-org/gitlab
Events