CVE-2022-4255

medium

Description

An info leak issue was identified in all versions of GitLab EE from 13.7 prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 which exposes user email id through webhook payload.

References

https://gitlab.com/gitlab-org/gitlab/-/issues/373819

https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-4255.json

Details

Source: Mitre, NVD

Published: 2023-01-27

Updated: 2023-02-06

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 5.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Severity: Medium