logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2022-4054

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2022-4054

Description:
An issue has been discovered in GitLab affecting all versions starting from 9.3 before 15.4.6, all versions starting from 15.5 before 15.5.5, all versions starting from 15.6 before 15.6.1. It was possible for a project maintainer to leak a webhook secret token by changing the webhook URL to an endpoint that allows them to capture request headers.
Last updated date:
02/01/2023
Type:
exploit
Confidence:
HIGH
Date of publishing:
02/01/2023
Reference url to background

https://gitlab.com/gitlab-org/gitlab/-/issues/382260

Vulnerability FeedContributorsAboutBlog

@inTheWild

©2024

Privacy Policy