First published: Mon Oct 17 2022(Updated: )
Email addresses were leaked in WebHook logs in GitLab EE affecting all versions from 9.3 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1
Credit: cve@gitlab.com
Affected Software | Affected Version | How to fix |
---|---|---|
GitLab GitLab | >=9.3<15.2.5 | |
GitLab GitLab | >=15.3<15.3.4 | |
GitLab GitLab | >=15.4<15.4.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2022-3293.
The severity level of CVE-2022-3293 is medium (4.3).
All versions from 9.3 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 are affected by CVE-2022-3293.
The CWE category of CVE-2022-3293 is CWE-532.
To fix the vulnerability CVE-2022-3293, you should update GitLab EE to version 15.2.5, 15.3.4, or 15.4.1.