CVE-2022-1423 log

Source	CVE Red Hat MITRE NVD Debian Ubuntu SUSE Alpine Mageia CVE Details CIRCL Bugs Arch Linux Red Hat Gentoo SUSE GitHub Lists oss-security full-disclosure bugtraq Misc GitHub code web search
Severity	High
Remote	Unknown
Type	Arbitrary code execution
Description	Improper access control in the CI/CD cache mechanism in GitLab CE/EE affecting all versions from 1.0.2 before 14.8.6 allows a malicious actor with Developer privileges to perform cache poisoning leading to arbitrary code execution in protected branches.

Group	Package	Affected	Fixed	Severity	Status	Ticket
AVG-2696	gitlab	14.10-1	14.10.2-1	High	Fixed