Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.9
CVSSv3

CVE-2022-3740

Published: 26/01/2023 Updated: 08/08/2023
CVSS v3 Base Score: 4.9 | Impact Score: 3.6 | Exploitability Score: 1.2
VMScore: 0
Subscribe to Gitlab

Vulnerability Summary

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.9 before 15.3.5, 15.4 before 15.4.4, and 15.5 before 15.5.2. A group owner may be able to bypass External Authorization check, if it is enabled, to access git repositories and package registries by using Deploy tokens or Deploy keys .

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

gitlab gitlab 15.6.0

gitlab gitlab

References

NVD-CWE-Otherhttps://hackerone.com/reports/1602904https://gitlab.com/gitlab-org/gitlab/-/issues/368416https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3740.jsonhttps://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
injectionCVE-2024-30983CVE-2023-4235CVE-2024-21338privilegeencryptionCVE-2023-4232CVE-2024-31497CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook