CVE-2022-2307

LOW Year: 2022
CVSS v3 Score
3.8
Low
Weakness Type
CWE-459
View all →

Vulnerability Description

A lack of cascading deletes in GitLab CE/EE affecting all versions starting from 13.0 before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1 allows a malicious Group Owner to retain a usable Group Access Token even after the Group is deleted, though the APIs usable by that token are limited.

Related Vulnerabilities

CVE-2018-11068

LOW
CVSS:3.9(Low)

RSA BSAFE SSL-J versions prior to 6.2.4 contain a Heap Inspection vulnerability that could allow an attacker with physical access to the system to recover sensitive key material.

CWE-4592018

CVE-2018-12332

MEDIUM
CVSS:4.2(Medium)

Incomplete Cleanup vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to compromise authentication and encryption keys via a compromised host PC after a reset.

CWE-4592018

CVE-2018-17467

MEDIUM
CVSS:4.3(Medium)

Insufficiently quick clearing of stale rendered content in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML...

CWE-4592018

CVE-2019-8550

MEDIUM
CVSS:4.3(Medium)

An issue existed in the pausing of FaceTime video. The issue was resolved with improved logic. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A user’s video may not be paused in a...

CWE-4592019

CVE-2021-34421

MEDIUM
CVSS:4.3(Medium)

The Keybase Client for Android before version 5.8.0 and the Keybase Client for iOS before version 5.8.0 fails to properly remove exploded messages initiated by a user if the receiving user places the ...

CWE-4592021

CVE-2024-1048

LOW
CVSS:3.3(Low)

A flaw was found in the grub2-set-bootflag utility of grub2. After the fix of CVE-2019-14865, grub2-set-bootflag will create a temporary file with the new grubenv content and rename it to the original...

CWE-4592024