Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2022-3820

An issue has been discovered in GitLab affecting all versions starting from 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2. GitLab was not performing correct authentication with some Package Registries when IP address restrictions were configured, allowing an attacker already in possession of a valid Deploy Token to misuse it from any location.

  • Published: Jan 26, 2023
  • Updated: Apr 14, 2023
  • CVE: CVE-2022-3820
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.5
  • AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

No CWE or OWASP classifications available.

Software From Fixed in
gitlab / gitlab 15.6.0 15.6.0.x
gitlab / gitlab 15.5.0 15.5.5
gitlab / gitlab 15.4.0 15.4.6