vulnerability
Gitlab: CVE-2022-0738: Adding a pull mirror with SSH credentials can leak password
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
4 | (AV:N/AC:M/Au:N/C:P/I:N/A:N) | Feb 26, 2022 | Mar 1, 2022 | Apr 11, 2022 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
Feb 26, 2022
Added
Mar 1, 2022
Modified
Apr 11, 2022
Description
An issue has been discovered in GitLab affecting all versions starting from 14.6 before 14.6.5, all versions starting from 14.7 before 14.7.4, all versions starting from 14.8 before 14.8.2. GitLab was leaking user passwords when adding mirrors with SSH credentials under specific conditions.
Solution(s)
gitlab-upgrade-14-6-5gitlab-upgrade-14-7-4gitlab-upgrade-14-8-2

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.