CVE-2022-1423 log

Source
Severity High
Remote Unknown
Type Arbitrary code execution
Description
Improper access control in the CI/CD cache mechanism in GitLab CE/EE affecting all versions from 1.0.2 before 14.8.6 allows a malicious actor with Developer privileges to perform cache poisoning leading to arbitrary code execution in protected branches.
Group Package Affected Fixed Severity Status Ticket
AVG-2696 gitlab 14.10-1 14.10.2-1 High Fixed