vulnerability

Gitlab: CVE-2022-0738: Adding a pull mirror with SSH credentials can leak password

Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
Feb 26, 2022
Added
Mar 1, 2022
Modified
Apr 11, 2022

Description

An issue has been discovered in GitLab affecting all versions starting from 14.6 before 14.6.5, all versions starting from 14.7 before 14.7.4, all versions starting from 14.8 before 14.8.2. GitLab was leaking user passwords when adding mirrors with SSH credentials under specific conditions.

Solution(s)

gitlab-upgrade-14-6-5gitlab-upgrade-14-7-4gitlab-upgrade-14-8-2
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.