CVE-2022-4317

Summary

An issue has been discovered in GitLab DAST analyzer affecting all versions starting from 1.47 before 3.0.51, which sends custom request headers in redirects.

Affected Software

VendorProductVersion RangeStatus
GitLabDAST>=1.47, <3.0.51affected

Weaknesses

  • Information exposure in DAST

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References