CVE-2022-1111

Summary

A business logic error in Project Import in GitLab CE/EE versions 14.9 prior to 14.9.2, 14.8 prior to 14.8.5, and 14.0 prior to 14.7.7 under certain conditions caused imported projects to show an incorrect user in the 'Access Granted' column in the project membership pages

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab>=14.9, <14.9.2affected
GitLabGitLab>=14.8.0, <14.8.5affected
GitLabGitLab>=14.0, <14.7.7affected

Weaknesses

  • Vulnerability in GitLab

ADP Enrichment

CVE Program Container

Additional References

References