CVE-2022-2539
published 2022-08-05CVE-2022-2539: An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.6 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1, allowed…
PriorityP426medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
EPSS
0.61%
45.0th percentile
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.6 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1, allowed a project member to filter issues by contact and organization.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | gitlab | < gitlab 15.10.8+ds1-2 (sid) | gitlab 15.10.8+ds1-2 (sid) |
| gitlab | gitlab | — | — |
| gitlab | gitlab | — | — |
| gitlab | gitlab | — | — |
| gitlab | gitlab | — | — |
| gitlab | gitlab | — | — |
| gitlab | gitlab | >= 14.6.0 < 15.0.5 | 15.0.5 |
| gitlab | gitlab | >= 15.1.0 < 15.1.4 | 15.1.4 |
| gitlab | gitlab_ce | — | — |
CVSS provenance
nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
osv5.3MEDIUM
cisa7.8HIGH
vendor_debian5.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GitLab
CVE-2022-2539: An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.6 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1
vendor_gitlab·2022-08-05·CVSS 5.3
CVE-2022-2539 [MEDIUM] CVE-2022-2539: An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.6 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1
CVE-2022-2539: An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.6 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1, allowed a project member to filter issues by contact and organization.
CISA
Microsoft Word Remote Code Execution Vulnerability
cisa·2022-03-28·CVSS 7.8
CVE-2012-2539 [HIGH] CWE-399 Microsoft Word Remote Code Execution Vulnerability
Vulnerability: Microsoft Word Remote Code Execution Vulnerability
Affected: Microsoft Word
Microsoft Word allows attackers to execute remote code or cause a denial-of-service (DoS) via crafted RTF data.
Required Action: Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2012-2539
Remediation Due Date: 2022-04-18
Debian
CVE-2022-2539: gitlab - An issue has been discovered in GitLab CE/EE affecting all versions starting fro...
vendor_debian·2022·CVSS 5.3
CVE-2022-2539 [MEDIUM] CVE-2022-2539: gitlab - An issue has been discovered in GitLab CE/EE affecting all versions starting fro...
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.6 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1, allowed a project member to filter issues by contact and organization.
Scope: local
sid: resolved (fixed in 15.10.8+ds1-2)
GHSA
GHSA-238w-mq8v-6c9c: An issue has been discovered in GitLab CE/EE affecting all versions starting from 14
ghsa_unreviewed·2022-08-06
CVE-2022-2539 [MEDIUM] CWE-863 GHSA-238w-mq8v-6c9c: An issue has been discovered in GitLab CE/EE affecting all versions starting from 14
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.6 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1, allowed a project member to filter issues by contact and organization.
OSV
CVE-2022-2539: An issue has been discovered in GitLab CE/EE affecting all versions starting from 14
osv·2022-08-05·CVSS 5.3
CVE-2022-2539 [MEDIUM] CVE-2022-2539: An issue has been discovered in GitLab CE/EE affecting all versions starting from 14
An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.6 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1, allowed a project member to filter issues by contact and organization.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-08-05
Published