Security Advisory

CVE-2022-0090

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-01-18 16:52:09

Last updated 2024-08-02 23:18:41

Assigner GitLab

State PUBLISHED

Description

An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, and between 14.6.0 and 14.6.1. GitLab is configured in a way that it doesnt ignore replacement references with git sub-commands, allowing a malicious user to spoof the contents of their commits in the UI.

← Browse all CVEs View on cve.org ↗