CVE-2022-3726
Published: 2022-11-10
Priority: P3 · 47 · Severity: critical · CVSS 3.1 base score 9.0
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
EPSS: 0.77% (51.1st percentile)
Lack of sandboxing of OpenAPI documents in GitLab CE/EE, affecting all versions from 12.6 prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2, allows an attacker to trick a user into clicking in the Swagger OpenAPI viewer and thereby issue HTTP requests that affect the victim's account. Because the requests originate from the victim's own authenticated browser session, the server processes them as actions taken by the victim.
Affected
9 ranges listed; only the five below carry version data. The remaining four gitlab/gitlab entries give no version range or fix.
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | gitlab | < 15.10.8+ds1-2 (sid) | 15.10.8+ds1-2 (sid) |
| gitlab | gitlab | >= 12.6.0, < 15.3.5 | 15.3.5 |
| gitlab | gitlab | >= 15.4.0, < 15.4.4 | 15.4.4 |
| gitlab | gitlab | >= 15.5.0, < 15.5.2 | 15.5.2 |
| gitlab | gitlab_ce | (no range given) | (not given) |
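The three affected ranges above share a lower bound (12.6.0) but have a different fix release per stable branch, so a naive "is my version below 15.5.2?" check gives the wrong answer for 15.3.5 through 15.3.x and 15.4.4 through 15.4.x, which are already patched. The following version checker is example code added to this page, not GitLab's or the CVE database's own tooling. It assumes you already have the instance version string (for a self-managed instance, the authenticated GET `/api/v4/version` endpoint returns it; that call is not made here, and the inputs below are constructed samples).

```python
"""Classify a GitLab CE/EE version string against the CVE-2022-3726
affected ranges listed in the advisory:
    >= 12.6.0 < 15.3.5, >= 15.4.0 < 15.4.4, >= 15.5.0 < 15.5.2
Example code added to this page (not GitLab's own code). Inputs are constructed.
"""
import re
from typing import Optional, Tuple

Version = Tuple[int, int, int]

# (inclusive lower bound, exclusive upper bound); the upper bound is the fix release.
AFFECTED_RANGES: Tuple[Tuple[Version, Version], ...] = (
    ((12, 6, 0), (15, 3, 5)),
    ((15, 4, 0), (15, 4, 4)),
    ((15, 5, 0), (15, 5, 2)),
)

# Matches the numeric major.minor[.patch] prefix; trailing edition markers
# such as "-ee", "-pre" or Debian's "+ds1-2" are deliberately ignored.
_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)(?:\.(\d+))?")


def parse_version(raw: str) -> Version:
    """'15.4.3-ee' -> (15, 4, 3); '15.4' -> (15, 4, 0). Raises on junk."""
    m = _VERSION_RE.match(raw)
    if not m:
        raise ValueError(f"unrecognised GitLab version string: {raw!r}")
    major, minor, patch = m.group(1), m.group(2), m.group(3) or "0"
    return int(major), int(minor), int(patch)


def affected_range(raw: str) -> Optional[Tuple[Version, Version]]:
    """Return the (lower, fixed) range the version falls into, or None.

    Tuple comparison gives the correct ordering for 15.10 > 15.3, which a
    string comparison would get wrong.
    """
    version = parse_version(raw)
    for lower, fixed in AFFECTED_RANGES:
        if lower <= version < fixed:
            return lower, fixed
    return None


def is_affected(raw: str) -> bool:
    return affected_range(raw) is not None


def fixed_version_for(raw: str) -> Optional[str]:
    """Minimum patched release on the same branch, or None if not affected."""
    found = affected_range(raw)
    if found is None:
        return None
    return ".".join(str(part) for part in found[1])


if __name__ == "__main__":
    # Constructed sample inputs, including a Debian package version string.
    for sample in ("15.4.3-ee", "15.4.4", "15.3.6", "13.12.0", "15.10.8+ds1-2"):
        if is_affected(sample):
            print(f"{sample}: AFFECTED, upgrade to {fixed_version_for(sample)}")
        else:
            print(f"{sample}: not affected")
```

The check is branch-aware: 15.3.6 reports as not affected even though it is numerically below 15.5.2, and 13.12.0 (no 13.x backport exists) is pointed at 15.3.5, the lowest release that closes the issue.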
CVSS provenance
| Source | Score | Severity | Vector |
|---|---|---|---|
| nvd (v3.1) | 9.0 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H |
| osv | 9.0 | CRITICAL | (not given) |
| vendor_debian | 4.8 | MEDIUM | (not given) |
Note the spread: the vendor (GitLab) and Debian rate this 4.8 (medium), while NVD and OSV rate it 9.0 (critical, scope changed). The issue requires an authenticated victim to interact with attacker-supplied content, so triage it against how your users actually use the Swagger viewer rather than on the headline score alone.
GitLab
vendor_gitlab · 2022-11-10 · CVSS 4.8 (MEDIUM) · same description as above
Debian
vendor_debian · 2022 · CVSS 4.8 (MEDIUM) · same description as above
Scope: local
sid: resolved (fixed in 15.10.8+ds1-2)
GHSA
GHSA-75cm-h3qp-7jq4 · ghsa_unreviewed · 2022-11-10 · CRITICAL · same description as above
OSV
osv · 2022-11-10 · CVSS 9.0 (CRITICAL) · same description as above
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
References
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3726.json
https://gitlab.com/gitlab-org/gitlab/-/issues/362509
https://hackerone.com/reports/1563383