{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"GitLab CE/EE versions 14.8.x ant\u00e9rieures \u00e0 14.8.5","product":{"name":"N/A","vendor":{"name":"GitLab","scada":false}}},{"description":"GitLab CE/EE versions 14.9.x ant\u00e9rieures \u00e0 14.9.2","product":{"name":"N/A","vendor":{"name":"GitLab","scada":false}}},{"description":"GitLab CE/EE versions 14.7.x ant\u00e9rieures \u00e0 14.7.7","product":{"name":"N/A","vendor":{"name":"GitLab","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2022-1189","url":"https://www.cve.org/CVERecord?id=CVE-2022-1189"},{"name":"CVE-2022-1148","url":"https://www.cve.org/CVERecord?id=CVE-2022-1148"},{"name":"CVE-2022-1193","url":"https://www.cve.org/CVERecord?id=CVE-2022-1193"},{"name":"CVE-2022-1185","url":"https://www.cve.org/CVERecord?id=CVE-2022-1185"},{"name":"CVE-2022-0740","url":"https://www.cve.org/CVERecord?id=CVE-2022-0740"},{"name":"CVE-2022-1111","url":"https://www.cve.org/CVERecord?id=CVE-2022-1111"},{"name":"CVE-2022-1099","url":"https://www.cve.org/CVERecord?id=CVE-2022-1099"},{"name":"CVE-2022-1121","url":"https://www.cve.org/CVERecord?id=CVE-2022-1121"},{"name":"CVE-2022-1100","url":"https://www.cve.org/CVERecord?id=CVE-2022-1100"},{"name":"CVE-2022-1162","url":"https://www.cve.org/CVERecord?id=CVE-2022-1162"},{"name":"CVE-2022-1188","url":"https://www.cve.org/CVERecord?id=CVE-2022-1188"},{"name":"CVE-2022-1174","url":"https://www.cve.org/CVERecord?id=CVE-2022-1174"},{"name":"CVE-2022-1157","url":"https://www.cve.org/CVERecord?id=CVE-2022-1157"},{"name":"CVE-2022-1175","url":"https://www.cve.org/CVERecord?id=CVE-2022-1175"},{"name":"CVE-2022-1105","url":"https://www.cve.org/CVERecord?id=CVE-2022-1105"},{"name":"CVE-2022-1120","url":"https://www.cve.org/CVERecord?id=CVE-2022-1120"},{"name":"CVE-2022-1190","url":"https://www.cve.org/CVERecord?id=CVE-2022-1190"}],"links":[],"reference":"CERTFR-2022-AVI-304","revisions":[{"description":"Version initiale","revision_date":"2022-04-01T00:00:00.000000"}],"risks":[{"description":"Contournement de la politique de s\u00e9curit\u00e9"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"},{"description":"\u00c9l\u00e9vation de privil\u00e8ges"}],"summary":"Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les produits GitLab. Elle permet\n\u00e0 un attaquant de provoquer un contournement de la politique de\ns\u00e9curit\u00e9, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation\nde privil\u00e8ges.\n","title":"Vuln\u00e9rabilit\u00e9 dans les produits GitLab","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 GitLab du 31 mars 2022","url":"https://about.gitlab.com/releases/2022/03/31/critical-security-release-gitlab-14-9-2-released/"}]}