CVE-2022-1124

Summary

An improper authorization issue has been discovered in GitLab CE/EE affecting all versions prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14.10.0, allowing Guest project members to access trace log of jobs when it is enabled

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab<14.8.6affected
GitLabGitLab>=14.9.0, <14.9.4affected
GitLabGitLab>=14.10.0, <14.10.1affected

Weaknesses

  • Improper authorization in GitLab

ADP Enrichment

CVE Program Container

Additional References

References