cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-0326,https://securityvulnerability.io/vulnerability/CVE-2023-0326,Authorization Header Exposure in GitLab DAST API Scanner,"An issue has been identified in the GitLab DAST API scanner, where authorization headers were unintentionally exposed in vulnerability reports. This exposure affects all versions of the scanner starting from 1.6.50 up to, but not including, version 2.11.0. As a result, sensitive authentication details may have been leaked, increasing the risk of unauthorized access or exploitation of exposed APIs.",GitLab,GitLab DAST API scanner,4.3,MEDIUM,0.0006600000197067857,false,,false,false,false,,,false,false,,2023-03-27T00:00:00.000Z,0
CVE-2022-3767,https://securityvulnerability.io/vulnerability/CVE-2022-3767,Missing Validation in DAST Analyzer Affects GitLab Products,"A critical security flaw exists in the DAST analyzer in GitLab that allows for missing validation of custom request headers. This vulnerability affects all versions of the DAST analyzer starting from 1.11.0 up to, but not including, 3.0.32. Attackers can exploit this flaw by sending malicious request headers, potentially affecting the behavior of the application and impacting the security of the host.",Gitlab,Dast,7.7,HIGH,0.0007300000288523734,false,,false,false,false,,,false,false,,2023-03-09T00:00:00.000Z,0
CVE-2022-4317,https://securityvulnerability.io/vulnerability/CVE-2022-4317,Redirect Vulnerability in GitLab DAST Analyzer,"A security issue exists in the GitLab DAST Analyzer that allows for the manipulation of custom request headers during redirects. This vulnerability affects all versions of the DAST Analyzer from 1.47 up to, but not including, 3.0.51. Attackers may exploit this flaw to conduct malicious actions, making it critical for users to apply updates to mitigate risks associated with untrusted redirects.",Gitlab,Dast,5,MEDIUM,0.0009899999713525176,false,,false,false,false,,,false,false,,2023-03-09T00:00:00.000Z,0
CVE-2022-4206,https://securityvulnerability.io/vulnerability/CVE-2022-4206,Sensitive Information Leak in DAST API Scanner by GitLab,"A vulnerability has been found in the DAST API Scanner affecting all versions from 1.6.50 up to just before 2.0.102. This issue allows unauthorized exposure of sensitive information by disclosing the Authorization header within the vulnerability report generated by the scanner. This could lead to potential security risks, making it crucial for users to take measures to mitigate this vulnerability and ensure their API interactions remain protected.",Gitlab,Dast Api Scanner,5,MEDIUM,0.000750000006519258,false,,false,false,false,,,false,false,,2023-02-01T00:00:00.000Z,0