CVE-2022-2497 log
| Source |
|
| Severity | Medium |
| Remote | Yes |
| Type | Unknown |
| Description | A malicious maintainer could exfiltrate an integration's access token by modifying the integration URL such that authenticated requests are sent to an attacker controlled server. |
| Group | Package | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|---|
| AVG-2785 | gitlab | 15.2.0-1 | 15.2.1-1 | Medium | Fixed |