GitLab < 15.3.5 / 15.4 < 15.4.4 / 15.5 < 15.5.2 権限のないコマンドの実行

high Nessus プラグイン ID 166969

言語:

バージョン 1.5

Jan 26, 2023, 2:58 AM

  • CVSS metrics ("CVSSv2 score" changed from "4.9" to "9.0")
  • CVSS metrics ("CVSSv2 vector" changed from "CVSS2#AV:N/AC:H/Au:S/C:C/I:N/A:N" to "CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C")
  • CVSS metrics ("CVSSv3 score" changed from "4.8" to "8.0")
  • CVSS metrics ("CVSSv3 vector" changed from "CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N" to "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H")
  • CVSSv2 severity (based on CVE-2022-2251, severity increased from "Medium" to "High")
  • CVSSv3 score source (set to "CVE-2022-2251")
  • CVSSv3 severity (based on CVE-2022-2251, severity increased from "Medium" to "High")
  • Exploit attributes ("Exploit available" set to "False")

バージョン 1.4

Dec 8, 2022, 4:04 PM

  • IAVM reference

バージョン 1.3

Nov 10, 2022, 11:52 PM

  • IAVM reference
  • STIG Severity

バージョン 1.2

Nov 7, 2022, 3:54 PM

  • CVSS temporal metrics
  • Exploit attributes

バージョン 1.1

Nov 4, 2022, 7:41 PM

  • New

* Changelogs are generally available for changes made after Nov 1, 2022