Published: 11/05/2022 Updated: 08/08/2023

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

CVSS v3 Base Score: 4.9 | Impact Score: 3.6 | Exploitability Score: 1.2

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N

An issue has been discovered in GitLab affecting all versions starting from 9.2 prior to 14.8.6, all versions starting from 14.9 prior to 14.9.4, all versions starting from 14.10 prior to 14.10.1. GitLab was not performing correct authorizations on scheduled pipelines allowing a malicious user to run a pipeline in the context of another user.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gitlab gitlab 14.10.0
gitlab gitlab

An issue has been discovered in GitLab affecting all versions starting from 92 before 1486, all versions starting from 149 before 1494, all versions starting from 1410 before 14101 GitLab was not performing correct authorizations on scheduled pipelines allowing a malicious user to run a pipeline in the context of another user ...

CWE-863 https://hackerone.com/reports/755078 https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1460.json https://gitlab.com/gitlab-org/gitlab/-/issues/118782 https://nvd.nist.gov https://security.archlinux.org/CVE-2022-1460

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-1460

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect