GCVE - cpe:2.3:a:gitlab:gitlab:14.7.0:*:*:*:enterprise:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:gitlab:gitlab:14.7.0:*:*:*:enterprise:*:*:*

part: a version: 14.7.0 update: *

Vendor	Gitlab (`57573e99-56e6-5fad-895e-0ce7fffc5b90`)
Product	Gitlab (`5414fcda-a172-5f72-b6e4-b415a19d21eb`)
Edition	*
Language	*
Software edition	enterprise
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:gitlab/gitlab-org/gitlab`	purl2cpe	2026-06-01 10:14:46.277918

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2022-0390`	vulnerable	2026-06-03 14:45:56.081170	Details available MEDIUM (4.3) Improper access control in Gitlab CE/EE versions 12.7 to 14.5.4, 14.6 to 14.6.4, and 14.7 to 14.7.1 allowed for project non-members to retrieve issue details when it was linked to an item from the vulnerability dashboard. Published: 2022-04-01T22:17:36.000Z Updated: 2024-08-02T23:25:40.347Z Open on db.gcve.eu Reference links https://gitlab.com/gitlab-org/gitlab/-/issues/330030 https://hackerone.com/reports/1179733 https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-0390.json	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.