CVE-2022-1188
Published: 2022-04-04
Priority: P4 · 26 · medium · 5.3 CVSS 3.1
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
EPSS: 1.01% (58.9th percentile)
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.1 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions starting from 14.9 before 14.9.2 where a blind SSRF attack through the repository mirroring feature was possible.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | gitlab | < gitlab 15.10.8+ds1-2 (sid) | gitlab 15.10.8+ds1-2 (sid) |
| gitlab | gitlab | — | — |
| gitlab | gitlab | — | — |
| gitlab | gitlab | — | — |
| gitlab | gitlab | — | — |
| gitlab | gitlab | >= 12.1.0 < 14.7.7 | 14.7.7 |
| gitlab | gitlab | >= 14.8.0 < 14.8.5 | 14.8.5 |
| gitlab | gitlab | >= 14.9.0 < 14.9.2 | 14.9.2 |
| gitlab | gitlab_ce | — | — |
| msrc | cbl2_kernel_5.15.102.1-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_1.0_arm | — | — |
| msrc | cbl_mariner_1.0_x64 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| msrc | cm1_kernel_5.10.172.1-1_on_cbl_mariner_1.0 | — | — |
CVSS provenance
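| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
| osv | | 5.3 | MEDIUM | |
| cisa | | 9.8 | CRITICAL | |
| vendor_msrc | | 8.8 | HIGH | |
| vendor_redhat | | 7.8 | HIGH | |
| vendor_debian | | 3.7 | LOW | |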
GHSA
Apache Isis webconsole module may directly query the database in prototype mode
ghsa·2022-10-19
CVE-2022-42467 [MEDIUM] CWE-1188 Apache Isis webconsole module may directly query the database in prototype mode
When running in prototype mode, the h2 webconsole module (accessible from the Prototype menu) is automatically made available with the ability to directly query the database. It was felt that it is safer to require the developer to explicitly enable this capability. As of 2.0.0-M8, this can now be done using the `isis.prototyping.h2-console.web-allow-remote-access` configuration property; the web console will be unavailable without setting this configuration. As an additional safeguard, the new `isis.prototyping.h2-console.generate-random-web-admin-password` configuration parameter (enabled by default) requires that the administrator use a randomly generated password to use the console. The password is printed
GHSA
WildFly vulnerable to Insecure Default Initialization of Resource
ghsa·2022-09-14
CVE-2022-1278 [HIGH] CWE-1188 WildFly vulnerable to Insecure Default Initialization of Resource
A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain.
GHSA
GHSA-9hcx-gvx4-r4rp: An issue has been discovered in GitLab CE/EE affecting all versions starting from 12
ghsa_unreviewed·2022-04-05
CVE-2022-1188 [MEDIUM] CWE-918 GHSA-9hcx-gvx4-r4rp: An issue has been discovered in GitLab CE/EE affecting all versions starting from 12
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.1 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions starting from 14.9 before 14.9.2 where a blind SSRF attack through the repository mirroring feature was possible.
OSV
CVE-2022-1188: An issue has been discovered in GitLab CE/EE affecting all versions starting from 12
osv·2022-04-04·CVSS 5.3
CVE-2022-1188 [MEDIUM] CVE-2022-1188: An issue has been discovered in GitLab CE/EE affecting all versions starting from 12
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.1 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions starting from 14.9 before 14.9.2 where a blind SSRF attack through the repository mirroring feature was possible.
Red Hat
kernel: Drivers: hv: vmbus: Fix initialization of device object in vmbus_device_register()
vendor_redhat·2025-02-26·CVSS 5.5
CVE-2022-49099 [MEDIUM] CWE-1188 kernel: Drivers: hv: vmbus: Fix initialization of device object in vmbus_device_register()
In the Linux kernel, the following vulnerability has been resolved:
Drivers: hv: vmbus: Fix initialization of device object in vmbus_device_register()
Initialize the device's dma_{mask,parms} pointers and the device's
dma_mask value before invoking device_register(). Address the
following trace with 5.17-rc7:
[ 49.646839] WARNING: CPU: 0 PID: 189 at include/linux/dma-mapping.h:543
netvsc_probe+0x37a/0x3a0 [hv_netvsc]
[ 49.646928] Call Trace:
[ 49.646930]
[ 49.646935] vmbus_probe+0x40/0x60 [hv_vmbus]
[ 49.646942] really_probe+0x1ce/0x3b0
[ 49.646948] __driver_probe_device+0x109/0x180
[ 49.646952] driver_probe_device+0x23/0xa0
[ 49.646955] __device_attach_driver+0x76/0xe0
[ 49.646958] ? driver_allows_
Microsoft
Speculative execution attacks in KVM VMX
vendor_msrc·2023-01-10·CVSS 8.8
CVE-2022-2196 [MEDIUM] CWE-1188 Speculative execution attacks in KVM VMX
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
Google: Google
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
Reference: https://learn.microsoft.co
Red Hat
kernel: KVM: nVMX: missing IBPB when exiting from nested guest can lead to Spectre v2 attacks
vendor_redhat·2022-09-28·CVSS 5.8
CVE-2022-2196 [MEDIUM] CWE-1188 kernel: KVM: nVMX: missing IBPB when exiting from nested guest can lead to Spectre v2 attacks
A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBRS support to L1. An attacker at L2 with code execution can execute code on an indirect branch on the host machine. We recommend upgrading to Kernel 6.2 or past commit 2e7eab81425a
A flaw was found in the KVM's Intel nested virtualization feature (nVMX). Since L1 and L2 shared branch prediction modes (guest-user and guest-kernel), KVM did not protect indirect branches in L1 from steering by a malicious agent in L2. This could allow a malicious nested
CISA
Apache CouchDB Insecure Default Initialization of Resource Vulnerability
cisa·2022-08-25·CVSS 9.8
CVE-2022-24706 [CRITICAL] CWE-1188 Apache CouchDB Insecure Default Initialization of Resource Vulnerability
Vulnerability: Apache CouchDB Insecure Default Initialization of Resource Vulnerability
Affected: Apache CouchDB
Apache CouchDB contains an insecure default initialization of resource vulnerability which can allow an attacker to escalate to administrative privileges.
Required Action: Apply updates per vendor instructions.
Notes: https://lists.apache.org/thread/w24wo0h8nlctfps65txvk0oc5hdcnv00; https://nvd.nist.gov/vuln/detail/CVE-2022-24706
Remediation Due Date: 2022-09-15
Red Hat
WildFly: possible information disclosure
vendor_redhat·2022-04-08·CVSS 7.5
CVE-2022-1278 [HIGH] CWE-1188 WildFly: possible information disclosure
A flaw was found in WildFly, where an attacker can see deployment names, endpoints, and any other data the trace payload may contain.
A flaw was found in WildFly. This flaw allows an attacker to see deployment names, endpoints, and any other data the trace payload may contain.
Package: WildFly (A-MQ Clients 2) - Not affected
Package: WildFly (Red Hat A-MQ Online) - Not affected
Package: WildFly (Red Hat build of Apicurio Registry 2) - Not affected
Package: WildFly (Red Hat build of Debezium 1) - Not affected
Package: WildFly (Red Hat build of Quarkus) - Not affected
Package: WildFly (Red Hat Data Grid 8) - Fix deferred
Package: WildFly (Red Hat Decision Manager 7) - Fix deferred
Package: WildFly (Red Hat Fuse 7) - Fix deferred
Package: Wi
GitLab
CVE-2022-1188: An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.1 before 14.7.7, all versions starting from 14.8 before 14.8.5, a
vendor_gitlab·2022-04-04·CVSS 3.7
CVE-2022-1188 [LOW] CWE-918 CVE-2022-1188: An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.1 before 14.7.7, all versions starting from 14.8 before 14.8.5, a
CVE-2022-1188: An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.1 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions starting from 14.9 before 14.9.2 where a blind SSRF attack through the repository mirroring feature was possible.
CISA
Apache Airflow's Experimental API Authentication Bypass
cisa·2022-01-18·CVSS 9.8
CVE-2020-13927 [CRITICAL] CWE-1188 Apache Airflow's Experimental API Authentication Bypass
Vulnerability: Apache Airflow's Experimental API Authentication Bypass
Affected: Apache Airflow's Experimental API
The previous default setting for Airflow's Experimental API was to allow all API requests without authentication.
Required Action: Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2020-13927
Remediation Due Date: 2022-07-18
Debian
CVE-2022-1188: gitlab - An issue has been discovered in GitLab CE/EE affecting all versions starting fro...
vendor_debian·2022·CVSS 3.7
CVE-2022-1188 [LOW] CVE-2022-1188: gitlab - An issue has been discovered in GitLab CE/EE affecting all versions starting fro...
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.1 before 14.7.7, all versions starting from 14.8 before 14.8.5, all versions starting from 14.9 before 14.9.2 where a blind SSRF attack through the repository mirroring feature was possible.
Scope: local
sid: resolved (fixed in 15.10.8+ds1-2)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1188.json
https://gitlab.com/gitlab-org/gitlab/-/issues/354059
https://hackerone.com/reports/1486659
Published: 2022-04-04