CVE-2022-1413

Missing input masking in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 causes potentially sensitive integration properties to be disclosed in the web interface
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:14.10.0:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:14.10.0:*:*:*:enterprise:*:*:*

History

21 Nov 2024, 06:40

Type Values Removed Values Added
CVSS v2 : 5.0
v3 : 7.5
v2 : 5.0
v3 : 5.4
References () https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1413.json - Third Party Advisory () https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1413.json - Third Party Advisory
References () https://gitlab.com/gitlab-org/gitlab/-/issues/353720 - Broken Link () https://gitlab.com/gitlab-org/gitlab/-/issues/353720 - Broken Link

08 Aug 2023, 14:22

Type Values Removed Values Added
CWE CWE-668 CWE-522

Information

Published : 2022-05-19 18:15

Updated : 2024-11-21 06:40


NVD link : CVE-2022-1413

Mitre link : CVE-2022-1413

CVE.ORG link : CVE-2022-1413


JSON object : View

Products Affected

gitlab

  • gitlab
CWE
CWE-522

Insufficiently Protected Credentials