- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
08-24-2022 08:40 PM
Hi,
Does anyone know if GitLab Remote Command Execution Vulnerability is covered with Palo Alto AV Signature?
Is Palo Alto affected by it?
I was not able to find it in their Security Advisories.
Vulnerability Details:
Title |
GitLab Remote Command Execution Vulnerability |
CVE ID |
CVE-2022-2884 |
CVE Summary |
GitLab Community Edition and GitLab Enterprise Edition are prone to remote code-execution vulnerabilities via GitHub Import. An attacker can leverage this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial of service conditions.
The vulnerability has a CVSS base score of 9.9. |
Link(s) |
https://about.gitlab.com/releases/2022/08/22/critical-security-release-gitlab-15-3-1-released/ |