GCVE - cpe:2.3:a:gitlab:dynamic_application_security_testing

Approved changes feed: RSS · Atom

cpe:2.3:a:gitlab:dynamic_application_security_testing_analyzer:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Gitlab (`57573e99-56e6-5fad-895e-0ce7fffc5b90`)
Product	Dynamic Application Security Testing Analyzer (`53ebc52f-edcb-5725-b5cc-31e41d4662c5`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-0326`	vulnerable	2026-06-03 14:48:46.064616	Details available MEDIUM (5) An issue has been discovered in GitLab DAST API scanner affecting all versions starting from 1.6.50 before 2.11.0, where Authorization headers was leaked in vulnerability report evidence. Published: 2023-03-27T00:00:00.000Z Updated: 2025-02-19T19:31:29.580Z Open on db.gcve.eu Reference links https://gitlab.com/gitlab-org/gitlab/-/issues/388132 https://hackerone.com/reports/1826896 https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-0326.json	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-4317`	vulnerable	2026-06-03 14:48:35.484057	Details available MEDIUM (5) An issue has been discovered in GitLab DAST analyzer affecting all versions starting from 1.47 before 3.0.51, which sends custom request headers in redirects. Published: 2023-03-09T00:00:00.000Z Updated: 2025-02-28T17:26:25.536Z Open on db.gcve.eu Reference links https://gitlab.com/gitlab-org/gitlab/-/issues/384997 https://hackerone.com/reports/1767533 https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-4317.json	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-4315`	vulnerable	2026-06-03 14:48:35.483023	Details available MEDIUM (5) An issue has been discovered in GitLab DAST analyzer affecting all versions starting from 2.0 before 3.0.55, which sends custom request headers with every request on the authentication page. Published: 2023-03-08T00:00:00.000Z Updated: 2025-03-04T15:58:11.641Z Open on db.gcve.eu Reference links https://gitlab.com/gitlab-org/gitlab/-/issues/384995 https://hackerone.com/reports/1767525 https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-4315.json	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-3767`	vulnerable	2026-06-03 14:47:59.277385	Details available HIGH (7.7) Missing validation in DAST analyzer affecting all versions from 1.11.0 prior to 3.0.32, allows custom request headers to be sent with every request, regardless of the host. Published: 2023-03-09T00:00:00.000Z Updated: 2025-02-28T17:28:45.941Z Open on db.gcve.eu Reference links https://gitlab.com/gitlab-org/gitlab/-/issues/377473 https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3767.json	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

Dynamic Application Security Testing Analyzer

PURL mappings

Vulnerability references

Contribute