CVE-2022-2499

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-2499
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-2499.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-2499
Aliases
Related
Published
2022-08-05T16:15:12Z
Modified
2025-02-18T21:40:44Z
Severity
  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

An issue has been discovered in GitLab EE affecting all versions starting from 13.10 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. GitLab's Jira integration has an insecure direct object reference vulnerability that may be exploited by an attacker to leak Jira issues.

References

Affected packages

Git / gitlab.com/gitlab-org/gitlab

Affected ranges

Type
GIT
Repo
https://gitlab.com/gitlab-org/gitlab
Events