VDB

CVE-2022-3351

CVE-2022-3351 PUBLISHED

An issue has been discovered in GitLab EE affecting all versions starting from 13.7 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1. A user's primary email may be disclosed to an attacker through group member events webhooks.

EPSS 0.19% · 40.5th percentile

Risk Scores

EPSS Score
0.19%
40.5th percentile

Affected Products

VendorProductVersions
Bitnamigitlab13.7.0, 15.4.0, 15.3.0
Bitnamigitlab13.7.0, 15.3.0, 15.4.0

Timeline

  • Jul 1, 2022 CVE Published
  • Oct 18, 2022 EPSS Score
  • Dec 1, 2022 EPSS Score
  • Jan 13, 2023 EPSS Score
  • Feb 26, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 11, 2023 EPSS Score
  • May 25, 2023 EPSS Score
  • Jul 7, 2023 EPSS Score
  • Aug 20, 2023 EPSS Score
  • Oct 3, 2023 EPSS Score
  • Nov 16, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›