Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2022-0549

An issue has been discovered in GitLab CE/EE affecting all versions before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Under certain conditions, GitLab REST API may allow unprivileged users to add other users to groups even if that is not possible to do through the Web UI.

  • Published: Mar 28, 2022
  • Updated: Apr 14, 2023
  • CVE: CVE-2022-0549
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.5
  • AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CVSS v2:

  • Severity: Low
  • Score: 3.5
  • AV:N/AC:M/Au:S/C:N/I:P/A:N

No CWE or OWASP classifications available.

Software From Fixed in
gitlab / gitlab 14.7 14.7.4
gitlab / gitlab 14.8 14.8.2
gitlab / gitlab 13.2 14.6.5