CVE-2022-2417 - log

CVE-2022-2417 edited at 28 Jul 2022 17:05:16
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Description
+ GitLab allows an authenticated and authorised user to import a project that includes branch names which are 40 hexadecimal characters, which could be abused in supply chain attacks where a victim has pinned to a specific Git commit of the project.
References
Notes
CVE-2022-2417 created at 28 Jul 2022 16:57:40