Vulnerabilities > Gitlab > Dynamic Application Security Testing Analyzer > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-03-27 CVE-2023-0326 Unspecified vulnerability in Gitlab Dynamic Application Security Testing Analyzer
An issue has been discovered in GitLab DAST API scanner affecting all versions starting from 1.6.50 before 2.11.0, where Authorization headers was leaked in vulnerability report evidence.
network
low complexity
gitlab
4.3
2023-03-09 CVE-2022-3767 Unspecified vulnerability in Gitlab Dynamic Application Security Testing Analyzer
Missing validation in DAST analyzer affecting all versions from 1.11.0 prior to 3.0.32, allows custom request headers to be sent with every request, regardless of the host.
network
low complexity
gitlab
6.5
2023-03-09 CVE-2022-4317 Open Redirect vulnerability in Gitlab Dynamic Application Security Testing Analyzer
An issue has been discovered in GitLab DAST analyzer affecting all versions starting from 1.47 before 3.0.51, which sends custom request headers in redirects.
network
low complexity
gitlab CWE-601
6.1
2023-03-08 CVE-2022-4315 Incorrect Authorization vulnerability in Gitlab Dynamic Application Security Testing Analyzer
An issue has been discovered in GitLab DAST analyzer affecting all versions starting from 2.0 before 3.0.55, which sends custom request headers with every request on the authentication page.
network
low complexity
gitlab CWE-863
6.5