1 results (0.004 seconds)
CVSS: 9.0EPSS: 8%CPEs: 3EXPL: 1
CVSS: 9.0EPSS: 8%CPEs: 3EXPL: 1CVE-2022-2251
https://notcve.org/view.php?id=CVE-2022-2251
17 Jan 2023 — Improper sanitization of branch names in GitLab Runner affecting all versions prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2 allows a user who creates a branch with a specially crafted name and gets another user to trigger a pipeline to execute commands in the runner as that other user. • https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2251.json • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •