CVE-2022-2992

high-risk
Published 2022-10-17

A vulnerability in GitLab CE/EE affecting all versions from 11.10 prior to 15.1.6, 15.2 to 15.2.4, 15.3 to 15.3.2 allows an authenticated user to achieve remote code execution via the Import from GitHub API endpoint.

Do I need to act?

!
93.7% chance of exploitation in next 30 days
EPSS score — higher than 6% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
+
Fix available
Upgrade to: e3fcea907325032eeaa732b45d404a26e6310018, e04b0a6dd2a14f79ac08d66fea184314051a1669, e2ffae9620a2f88ebff56d17b26046f292aef85a
9
CVSS 9.9/10 Critical
NETWORK / LOW complexity

Affected Products (2)

Affected Vendors

Gitlab

References (8)

http://packetstormsecurity.com/files/171008/GitLab-GitHub-Repo-Import-Deserializ...
Third Party Advisory https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2992.json
Broken Link https://gitlab.com/gitlab-org/gitlab/-/issues/371884
Permissions Required https://hackerone.com/reports/1679624
http://packetstormsecurity.com/files/171008/GitLab-GitHub-Repo-Import-Deserializ...
Third Party Advisory https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2992.json
Broken Link https://gitlab.com/gitlab-org/gitlab/-/issues/371884
Permissions Required https://hackerone.com/reports/1679624
60
/ 100
high-risk
Severity 33/34 · Critical
Exploitability 20/34 · Moderate
Exposure 7/34 · Low