GitLab Dynamic Application Security Testing Analyzer vulnerabilities

4 known vulnerabilities affecting gitlab/dynamic_application_security_testing_analyzer.

Total CVEs: 4
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: MEDIUM 4

Vulnerabilities

CVE-2023-0326 | MEDIUM | CVSS 4.3 | ≥ 1.6.50, < 2.11.0 | 2023-03-27
CVE-2023-0326 [MEDIUM]: An issue has been discovered in GitLab DAST API scanner affecting all versions starting from 1.6.50 before 2.11.0, where Authorization headers were leaked in vulnerability report evidence.
nvd
CVE-2022-3767 | MEDIUM | CVSS 6.5 | ≥ 1.11.0, < 3.0.32 | 2023-03-09
CVE-2022-3767 [HIGH] CWE-20: Missing validation in DAST analyzer affecting all versions from 1.11.0 prior to 3.0.32, allows custom request headers to be sent with every request, regardless of the host.
nvd
CVE-2022-4317 | MEDIUM | CVSS 6.1 | ≥ 1.47.0, < 3.0.51 | 2023-03-09
CVE-2022-4317 [MEDIUM] CWE-601: An issue has been discovered in GitLab DAST analyzer affecting all versions starting from 1.47 before 3.0.51, which sends custom request headers in redirects.
nvd
CVE-2022-4315 | MEDIUM | CVSS 6.5 | ≥ 2.0.0, < 3.0.55 | 2023-03-08
CVE-2022-4315 [MEDIUM] CWE-863: An issue has been discovered in GitLab DAST analyzer affecting all versions starting from 2.0 before 3.0.55, which sends custom request headers with every request on the authentication page.
nvd