CVSS: 9.9EPSS: 0%CPEs: 6EXPL: 1CVE-2022-2884 – GitLab v15.3 - Remote Code Execution (RCE) (Authenticated)
https://notcve.org/view.php?id=CVE-2022-2884
A vulnerability in GitLab CE/EE affecting all versions from 11.3.4 prior to 15.1.5, 15.2 to 15.2.3, 15.3 to 15.3 to 15.3.1 allows an an authenticated user to achieve remote code execution via the Import from GitHub API endpoint Una vulnerabilidad en GitLab CE/EE afectando a todas las versiones desde la 11.3.4 anteriores a 15.1.5, desde la 15.2 a 15.2.3, desde la 15.3 a 15.3.1, permite a un usuario autenticado lograr una ejecución de código remota por medio del endpoint de la API Import from GitHub GitLab version 15.3 suffers from a remote code execution vulnerability. • https://www.exploit-db.com/exploits/51181 http://packetstormsecurity.com/files/171628/GitLab-15.3-Remote-Code-Execution.html https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2884.json https://gitlab.com/gitlab-org/gitlab/-/issues/371098 https://hackerone.com/reports/1672388 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2022-2908
https://notcve.org/view.php?id=CVE-2022-2908
A potential DoS vulnerability was discovered in Gitlab CE/EE versions starting from 10.7 before 15.1.5, all versions starting from 15.2 before 15.2.3, all versions starting from 15.3 before 15.3.1 allowed an attacker to trigger high CPU usage via a special crafted input added in the Commit message field. Se ha detectado una potencial vulnerabilidad DoS en Gitlab CE/EE versiones a partir de 10.7 anteriores a 15.1.5, todas las versiones a partir de 15.2 anteriores a 15.2.3, todas las versiones a partir de 15.3 anteriores a 15.3.1, que permitía a un atacante desencadenar un alto uso de la CPU por medio de una entrada especialmente diseñada añadida en el campo de mensaje Commit • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2908.json https://gitlab.com/gitlab-org/gitlab/-/issues/363734 https://hackerone.com/reports/1584156 • CWE-1333: Inefficient Regular Expression Complexity •
CVSS: 9.9EPSS: 2%CPEs: 6EXPL: 3CVE-2022-2992 – GitLab GitHub Repo Import Deserialization RCE
https://notcve.org/view.php?id=CVE-2022-2992
A vulnerability in GitLab CE/EE affecting all versions from 11.10 prior to 15.1.6, 15.2 to 15.2.4, 15.3 to 15.3.2 allows an authenticated user to achieve remote code execution via the Import from GitHub API endpoint. Una vulnerabilidad en GitLab CE/EE afectando a todas las versiones desde la 11.10 anteriores a 15.1.6, desde la 15.2 hasta la 15.2.4, desde la 15.3 hasta la 15.3.2 permite a un usuario autenticado lograr la ejecución de código remota por medio del endpoint de la API Import from GitHub An authenticated user can import a repository from GitHub into GitLab. If a user attempts to import a repo from an attacker-controlled server, the server will reply with a Redis serialization protocol object in the nested default_branch. GitLab will cache this object and then deserialize it when trying to load a user session, resulting in remote code execution. • https://github.com/CsEnox/CVE-2022-2992 https://github.com/Malwareman007/CVE-2022-2992 http://packetstormsecurity.com/files/171008/GitLab-GitHub-Repo-Import-Deserialization-Remote-Code-Execution.html https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2992.json https://gitlab.com/gitlab-org/gitlab/-/issues/371884 https://hackerone.com/reports/1679624 https://github.com/redwaysecurity/CVEs/tree/main/CVE-2022-2992 https://raw.githubusercontent.com/rapid7/metasploit-framework/ma • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2022-3030
https://notcve.org/view.php?id=CVE-2022-3030
An improper access control issue in GitLab CE/EE affecting all versions starting before 15.1.6, all versions from 15.2 before 15.2.4, all versions from 15.3 before 15.3.2 allows disclosure of pipeline status to unauthorized users. Un problema de control de acceso inapropiado en GitLab CE/EE afectando a todas las versiones a partir de 15.1.6, a todas las versiones a partir de 15.2 anteriores a 15.2.4, a todas las versiones a partir de 15.3 anteriores a 15.3.2 permite revelar el estado de las tuberías a usuarios no autorizados • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3030.json https://gitlab.com/gitlab-org/gitlab/-/issues/37959 https://hackerone.com/reports/749882 •
CVSS: 7.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-3060
https://notcve.org/view.php?id=CVE-2022-3060
Improper control of a resource identifier in Error Tracking in GitLab CE/EE affecting all versions from 12.7 allows an authenticated attacker to generate content which could cause a victim to make unintended arbitrary requests Un control inapropiado de un identificador de recurso en el seguimiento de errores en GitLab CE/EE, afectando a todas las versiones a partir de 12.7, permite que un atacante autenticado genere contenido que podría causar que una víctima realice peticiones arbitrarias no deseadas • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3060.json https://gitlab.com/gitlab-org/gitlab/-/issues/365427 https://hackerone.com/reports/1600343 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •