First published: Fri Aug 05 2022(Updated: )
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.6 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1, allowed a project member to filter issues by contact and organization.
Credit: cve@gitlab.com cve@gitlab.com
Affected Software | Affected Version | How to fix |
---|---|---|
GitLab | >=14.6.0<15.0.5 | |
GitLab | >=15.1.0<15.1.4 | |
GitLab | =15.2 | |
GitLab | >=14.6.0<15.0.5 | |
GitLab | >=15.1.0<15.1.4 | |
GitLab | =15.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-2539 is classified as a medium severity vulnerability affecting GitLab offerings.
To fix CVE-2022-2539, upgrade your GitLab installation to version 15.0.5, 15.1.4, or 15.2.1 or later.
CVE-2022-2539 affects GitLab CE/EE versions from 14.6 to versions prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1.
CVE-2022-2539 allows a project member to filter issues by contact and organization, potentially leading to information disclosure.
Yes, CVE-2022-2539 affects both GitLab Community Edition (CE) and Enterprise Edition (EE) versions.