CVE-2022-3726 - How GitLab’s Missing OpenAPI Sandboxing Put Users at Risk
Published: June 2024
Severity: Medium/High
Affected Products: GitLab CE/EE
Vulnerable Versions:
Summary
In late 2022, a significant vulnerability, CVE-2022-3726, was disclosed in GitLab
CVE-2022-3819 - How a Simple Emoji Authorization Flaw Snuck into GitLab
In late 2022, security researchers uncovered CVE-2022-3819, a seemingly harmless but tricky vulnerability affecting GitLab Community Edition (CE) and Enterprise Edition (EE). This issue allowed
CVE-2022-3265 - How a Simple Color Setting Became a Dangerous Stored XSS in GitLab
Cross-Site Scripting (XSS) vulnerabilities have plagued web applications for decades, but they still show up in surprising ways. In 2022, GitLab—a popular DevOps platform—
CVE-2022-2761 - How an Information Disclosure Bug in GitLab Leaked Restricted Resource Names via Jira Issues
In mid-2022, a vulnerability was uncovered in GitLab Community Edition (CE) and Enterprise Edition (EE), identified as CVE-2022-2761. This bug let attackers discover the names
CVE-2022-3483 - Datadog Token Leak in GitLab Integrations - Full Analysis
In October 2022, a significant vulnerability tagged as CVE-2022-3483 was revealed in GitLab Community Edition (CE) and Enterprise Edition (EE). This bug impacts all versions