Missing input masking in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 causes potentially sensitive integration properties to be disclosed in the web interface
References
Link | Resource |
---|---|
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1413.json | Third Party Advisory |
https://gitlab.com/gitlab-org/gitlab/-/issues/353720 | Broken Link |
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1413.json | Third Party Advisory |
https://gitlab.com/gitlab-org/gitlab/-/issues/353720 | Broken Link |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 06:40
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 5.4 |
References | () https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1413.json - Third Party Advisory | |
References | () https://gitlab.com/gitlab-org/gitlab/-/issues/353720 - Broken Link |
08 Aug 2023, 14:22
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-522 |
Information
Published : 2022-05-19 18:15
Updated : 2024-11-21 06:40
NVD link : CVE-2022-1413
Mitre link : CVE-2022-1413
CVE.ORG link : CVE-2022-1413
JSON object : View
Products Affected
gitlab
- gitlab
CWE
CWE-522
Insufficiently Protected Credentials