Headline
CVE-2022-2884
A vulnerability in GitLab CE/EE affecting all versions from 11.3.4 prior to 15.1.5, 15.2 to 15.2.3, 15.3 to 15.3 to 15.3.1 allows an an authenticated user to achieve remote code execution via the Import from GitHub API endpoint
Related news
Data importation mechanism failed to sanitize imports
Categories: Exploits and vulnerabilities Categories: News Tags: GitLab Tags: RCE Tags: CVE-2022-2884 Tags: GitHub Tags: import GitLab has released important security fixes to patch for an RCE vulnerability, known as CVE-2022-2884. (Read more...) The post Update now! GitLab issues critical security release for RCE vulnerability appeared first on Malwarebytes Labs.
DevOps platform GitLab this week issued patches to address a critical security flaw in its software that could lead to arbitrary code execution on affected systems. Tracked as CVE-2022-2884, the issue is rated 9.9 on the CVSS vulnerability scoring system and impacts all versions of GitLab Community Edition (CE) and Enterprise Edition (EE) starting from 11.3.4 before 15.1.5, 15.2 before 15.2.3,
Update now to protect against security vulnerability