Vulnerabilities > Gitlab > Dynamic Application Security Testing Analyzer
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-03-27 | CVE-2023-0326 | Unspecified vulnerability in Gitlab Dynamic Application Security Testing Analyzer An issue has been discovered in GitLab DAST API scanner affecting all versions starting from 1.6.50 before 2.11.0, where Authorization headers was leaked in vulnerability report evidence. | 4.3 |
2023-03-09 | CVE-2022-3767 | Unspecified vulnerability in Gitlab Dynamic Application Security Testing Analyzer Missing validation in DAST analyzer affecting all versions from 1.11.0 prior to 3.0.32, allows custom request headers to be sent with every request, regardless of the host. | 6.5 |
2023-03-09 | CVE-2022-4317 | Open Redirect vulnerability in Gitlab Dynamic Application Security Testing Analyzer An issue has been discovered in GitLab DAST analyzer affecting all versions starting from 1.47 before 3.0.51, which sends custom request headers in redirects. | 6.1 |
2023-03-08 | CVE-2022-4315 | Incorrect Authorization vulnerability in Gitlab Dynamic Application Security Testing Analyzer An issue has been discovered in GitLab DAST analyzer affecting all versions starting from 2.0 before 3.0.55, which sends custom request headers with every request on the authentication page. | 6.5 |