CVE-2022-0283
Published 2022-03-28
Priority P4 · 24 · medium · 6.1 (CVSS 3.1)
AV:N / AC:L / PR:N / UI:R / S:C / C:L / I:L / A:N
EPSS: 0.74% (50.1th percentile)
An issue has been discovered affecting GitLab versions prior to 13.5. An open redirect vulnerability was fixed in GitLab integration with Jira that could cause the web application to redirect the request to the attacker-specified URL.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | gitlab | < gitlab 15.10.8+ds1-2 (sid) | gitlab 15.10.8+ds1-2 (sid) |
| gitlab | gitlab | — | — |
| gitlab | gitlab | — | — |
| gitlab | gitlab | — | — |
| gitlab | gitlab | — | — |
| gitlab | gitlab | — | — |
| gitlab | gitlab | >= 13.5 < 14.5.4 | 14.5.4 |
| gitlab | gitlab | >= 14.6 < 14.6.4 | 14.6.4 |
CVSS provenance
nvd · v3.1 · 6.1 MEDIUM · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvd · v2.0 · 5.8 MEDIUM · AV:N/AC:M/Au:N/C:P/I:P/A:N
osv · 6.1 MEDIUM
vendor_debian · 4.7 MEDIUM
GitLab
vendor_gitlab · 2022-03-28 · CVSS 4.7
CVE-2022-0283 [MEDIUM] CWE-601
An issue has been discovered affecting GitLab versions prior to 13.5. An open redirect vulnerability was fixed in GitLab integration with Jira that could cause the web application to redirect the request to the attacker-specified URL.
Debian
vendor_debian · 2022 · CVSS 4.7
CVE-2022-0283 [MEDIUM] gitlab
An issue has been discovered affecting GitLab versions prior to 13.5. An open redirect vulnerability was fixed in GitLab integration with Jira that could cause the web application to redirect the request to the attacker-specified URL.
Scope: local
sid: resolved (fixed in 15.10.8+ds1-2)
GHSA
ghsa_unreviewed · 2022-03-29
CVE-2022-0283 [MEDIUM] CWE-601 GHSA-9238-gwm5-6mm9
An issue has been discovered affecting GitLab versions prior to 13.5. An open redirect vulnerability was fixed in GitLab integration with Jira that could cause the web application to redirect the request to the attacker-specified URL.
OSV
osv · 2022-03-28 · CVSS 6.1
CVE-2022-0283 [MEDIUM]
An issue has been discovered affecting GitLab versions prior to 13.5. An open redirect vulnerability was fixed in GitLab integration with Jira that could cause the web application to redirect the request to the attacker-specified URL.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
Published: 2022-03-28