5.3

CVE-2022-4255

An info leak issue was identified in all versions of GitLab EE from 13.7 prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 which exposes user email id through webhook payload.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GitlabGitlab SwEditioncommunity Version >= 13.7.0 < 15.4.6
GitlabGitlab SwEditionenterprise Version >= 13.7.0 < 15.4.6
GitlabGitlab SwEditioncommunity Version >= 15.5.0 < 15.5.5
GitlabGitlab SwEditionenterprise Version >= 15.5.0 < 15.5.5
GitlabGitlab Version15.6.0 SwEditioncommunity
GitlabGitlab Version15.6.0 SwEditionenterprise
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.19% 0.405
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.3 3.9 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cve@gitlab.com 4.3 2.8 1.4
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N