Published: 01/07/2022 Updated: 19/07/2022
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

A critical issue has been discovered in GitLab affecting all versions starting from 14.0 before 14.10.5, 15.0 before 15.0.4, and 15.1 before 15.1.1 where an authenticated user authorized to import projects could import a maliciously crafted project leading to remote code execution.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

gitlab gitlab 15.1.0

gitlab gitlab

Github Repositories

CVE-2022-2185 wo ee cve-2022-2185 gitlab authenticated rce

CVE-2022-2185-poc CVE-2022-2185 poc

2022-HW-POC 2022 护网行动 POC 整理,网上冲浪冲来的,本人不对信息真实性负责。 免责申明:此POC严禁用于任何非授权攻击,遵守法律底线! 泛微云桥e-Bridge存在SQL注入漏洞 2022/7/11 新近真实漏洞 noxqianxincom/vulnerability/detail/QVD-2022-11894 Apache Commons远程代码执行漏洞(CVE-2022-33980) 2022/

CVE A collection of proof-of-concept exploit scripts written by the STAR Labs team for various CVEs that they discovered or found by others CVE-2022-2185 Target: GitLab Version: GitLab affecting all versions starting from 140 prior to 14105, 150 prior to 1504, and 151 prior to 1511 Exploit Written By: Nguyễn Tiến Giang CVE-2021-41073 Target: Linux Kernel Vers