CVE-2022-0283

Summary

An issue has been discovered affecting GitLab versions prior to 13.5. An open redirect vulnerability was fixed in GitLab integration with Jira that a could cause the web application to redirect the request to the attacker specified URL.

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab>=14.7, <14.7.1affected
GitLabGitLab>=14.6, <14.6.4affected
GitLabGitLab>=13.5, <14.5.4affected

Weaknesses

  • Externally controlled reference to a resource in another sphere in GitLab

ADP Enrichment

CVE Program Container

Additional References

References