CVE-2022-2250

Summary

An open redirect vulnerability in GitLab EE/CE affecting all versions from 11.1 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allows an attacker to redirect users to an arbitrary location if they trust the URL.

Affected Software

VendorProductVersion RangeStatus
GitLabGitLab>=11.1, <14.10.5affected
GitLabGitLab>=15.0, <15.0.4affected
GitLabGitLab>=15.1, <15.1.1affected

Weaknesses

  • Url redirection to untrusted site ('open redirect') in GitLab

ADP Enrichment

CVE Program Container

Additional References

References