CVE-2022-2185: GitLab Remote Code Execution Vulnerability


On June 30, 2022, GitLab issued a security notice fixing a vulnerability (CVE-2022-2185) in the Community Edition (CE) and Enterprise Edition (EE), with a CVSS score of 9.9. GitLab is an open-source repository management system that uses Git for code management and provides access to public or private projects through a web interface. The flaw allows an authorised user to import a maliciously crafted project, leading to remote code execution.
