CVE-2022-2303 log

Severity Medium
Remote Yes
Type Unknown
It may be possible for group members to bypass 2FA enforcement enabled at the group level by using Resource Owner Password Credentials grant to obtain an access token without using 2FA
Group Package Affected Fixed Severity Status Ticket
AVG-2785 gitlab 15.2.0-1 15.2.1-1 Medium Fixed