First published: Thu Mar 09 2023
An issue has been discovered in GitLab DAST analyzer affecting all versions starting from 1.47 before 3.0.51, which sends custom request headers in redirects.
Credit: cve@gitlab.com
Affected Software | Affected Version | How to fix |
---|---|---|
GitLab Dynamic Application Security Testing Analyzer | >=1.47.0 <3.0.51 | |
The severity of CVE-2022-4317 is medium with a CVSS score of 6.1.
All versions of GitLab DAST analyzer starting from 1.47 before 3.0.51 are affected by CVE-2022-4317.
CVE-2022-4317 is an issue in GitLab DAST analyzer that sends custom request headers in redirects.
References related to CVE-2022-4317 can be found at the following links: [Reference 1](https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-4317.json), [Reference 2](https://gitlab.com/gitlab-org/gitlab/-/issues/384997), and [Reference 3](https://hackerone.com/reports/1767533).
The CWE ID for CVE-2022-4317 is 601.