CVE-2022-2826

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-2826

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-2826.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-2826

Aliases

BIT-gitlab-2022-2826

Related

UBUNTU-CVE-2022-2826

Published

2022-10-28T22:15:09Z

Modified

2025-05-07T16:15:19Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

An issue has been discovered in GitLab affecting all versions starting from 10.0 before 12.9.8, all versions starting from 12.10 before 12.10.7, all versions starting from 13.0 before 13.0.1. TODO

References

https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2826.json
https://gitlab.com/gitlab-org/gitlab/-/issues/370790
https://hackerone.com/reports/1646633

Affected packages

Git / gitlab.com/gitlab-org/gitlab

Affected ranges

Type: GIT
Repo: https://gitlab.com/gitlab-org/gitlab
Events: Introduced

235b8d50ad14e7cdf4bc61c3df070f38dee97974

Fixed

a83f3b1c8cee724f394fbf0c6872928e4f8e882b