Vulnerabilities > CVE-2022-1999 - Unspecified vulnerability in Gitlab

047910
CVSS 5.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
LOW
Availability impact
NONE
network
low complexity
gitlab
NVD
Published: 2022-07-01
Updated: 2022-07-13

Summary

An issue has been discovered in GitLab CE/EE affecting all versions from 8.13 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1. Under certain conditions, using the REST API an unprivileged user was able to change labels description.

Vulnerable Configurations

Part Description Count
Application
Gitlab
1519

References