{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-2370", "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "state": "PUBLISHED", "assignerShortName": "GitLab", "dateReserved": "2026-02-11T20:33:21.941Z", "datePublished": "2026-03-29T23:33:44.410Z", "dateUpdated": "2026-03-30T15:02:06.576Z"}, "containers": {"cna": {"title": "Improper Handling of Parameters in GitLab", "descriptions": [{"lang": "en", "value": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.3 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 affecting Jira Connect installations that could have allowed an authenticated user with minimal workspace permissions to obtain installation credentials and impersonate the GitLab app due to improper authorization checks."}], "affected": [{"vendor": "GitLab", "product": "GitLab", "repo": "git://[email protected]:gitlab-org/gitlab.git", "cpes": ["cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"], "versions": [{"version": "14.3", "status": "affected", "lessThan": "18.8.7", "versionType": "semver"}, {"version": "18.9", "status": "affected", "lessThan": "18.9.3", "versionType": "semver"}, {"version": "18.10", "status": "affected", "lessThan": "18.10.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-233: Improper Handling of Parameters", "cweId": "CWE-233", "type": "CWE"}]}], "references": [{"url": "https://hackerone.com/reports/3522829", "name": "HackerOne Bug Bounty Report #3522829", "tags": ["technical-description", "exploit", "permissions-required"]}, {"url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/589635"}, {"url": "https://about.gitlab.com/releases/2026/03/25/patch-release-gitlab-18-10-1-released/"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH"}}], "solutions": [{"lang": "en", "value": "Upgrade to versions 18.8.7, 18.9.3, 18.10.1 or above."}], "credits": [{"lang": "en", "value": "Thanks [maksyche](https://hackerone.com/maksyche) for reporting this vulnerability through our HackerOne bug bounty program", "type": "finder"}], "providerMetadata": {"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab", "dateUpdated": "2026-03-29T23:33:44.410Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-30T15:01:52.806448Z", "id": "CVE-2026-2370", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-30T15:02:06.576Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"title": "Improper Handling of Parameters in GitLab", "credits": [{"lang": "en", "type": "finder", "value": "Thanks [maksyche](https://hackerone.com/maksyche) for reporting this vulnerability through our HackerOne bug bounty program"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"cpes": ["cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"], "repo": "git://[email protected]:gitlab-org/gitlab.git", "vendor": "GitLab", "product": "GitLab", "versions": [{"status": "affected", "version": "14.3", "lessThan": "18.8.7", "versionType": "semver"}, {"status": "affected", "version": "18.9", "lessThan": "18.9.3", "versionType": "semver"}, {"status": "affected", "version": "18.10", "lessThan": "18.10.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Upgrade to versions 18.8.7, 18.9.3, 18.10.1 or above."}], "references": [{"url": "https://hackerone.com/reports/3522829", "name": "HackerOne Bug Bounty Report #3522829", "tags": ["technical-description", "exploit", "permissions-required"]}, {"url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/589635"}, {"url": "https://about.gitlab.com/releases/2026/03/25/patch-release-gitlab-18-10-1-released/"}], "descriptions": [{"lang": "en", "value": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.3 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 affecting Jira Connect installations that could have allowed an authenticated user with minimal workspace permissions to obtain installation credentials and impersonate the GitLab app due to improper authorization checks."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-233", "description": "CWE-233: Improper Handling of Parameters"}]}], "providerMetadata": {"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab", "dateUpdated": "2026-03-29T23:33:44.410Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-2370", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-30T15:01:52.806448Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2026-03-30T15:01:58.638Z"}}]}, "cveMetadata": {"cveId": "CVE-2026-2370", "state": "PUBLISHED", "dateUpdated": "2026-03-29T23:33:44.410Z", "dateReserved": "2026-02-11T20:33:21.941Z", "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "datePublished": "2026-03-29T23:33:44.410Z", "assignerShortName": "GitLab"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "matchCriteriaId": "22F9C9B9-964C-421E-8CB5-B2FBE5E5A84F", "versionEndExcluding": "18.8.7", "versionStartIncluding": "14.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "F419394A-3E12-4548-BD49-FF5027B9CFF7", "versionEndExcluding": "18.8.7", "versionStartIncluding": "14.3.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "matchCriteriaId": "96F7E7EC-4C2E-4A48-8134-9262B251C89C", "versionEndExcluding": "18.9.3", "versionStartIncluding": "18.9.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "C3240349-67A3-43E2-BAD9-EFAA3E0A5D31", "versionEndExcluding": "18.9.3", "versionStartIncluding": "18.9.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:18.10.0:*:*:*:community:*:*:*", "matchCriteriaId": "D5B6ECC9-6AEA-4DD0-B12B-A3A7A9FE91DA", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:18.10.0:*:*:*:enterprise:*:*:*", "matchCriteriaId": "2B8DF779-B99E-4096-B734-78AB1849D136", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.3 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 affecting Jira Connect installations that could have allowed an authenticated user with minimal workspace permissions to obtain installation credentials and impersonate the GitLab app due to improper authorization checks."}], "id": "CVE-2026-2370", "lastModified": "2026-03-30T15:44:26.737", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "[email protected]", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "[email protected]", "type": "Primary"}]}, "published": "2026-03-30T00:16:01.800", "references": [{"source": "[email protected]", "tags": ["Patch", "Release Notes"], "url": "https://about.gitlab.com/releases/2026/03/25/patch-release-gitlab-18-10-1-released/"}, {"source": "[email protected]", "tags": ["Broken Link"], "url": "https://gitlab.com/gitlab-org/gitlab/-/work_items/589635"}, {"source": "[email protected]", "tags": ["Permissions Required"], "url": "https://hackerone.com/reports/3522829"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-233"}], "source": "[email protected]", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[14.3,18.8.7)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[18.9,18.9.3)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[18.10,18.10.1)"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "GitLab", "source": "cna", "vendor": "GitLab"}, "product": "gitlab", "vendor": "gitlab"}], "analysis": {"en": {"generated_at": "2026-03-30T05:51:14.890071+00:00", "value": {"mitigation_remediation": ["Upgrade the GitLab instance to a patched version (18.8.7 or newer, 18.9.3 or newer, or 18.10.1 or newer).", "If an immediate upgrade is not possible, minimize or remove workspace permissions for users who do not need them.", "Monitor GitLab logs for unexpected credential disclosures or application impersonation activity.", "Verify that the installed GitLab instance version matches one of the patched releases."], "summary": {"action": "Immediate Patch", "impact": "Impersonation via stolen installation credentials"}, "threat_synthesis": {"affected_systems": "The flaw impacts all GitLab versions from 14.3 up to, but not including, 18.8.7, and all 18.9.x releases prior to 18.9.3, as well as all 18.10.x releases before 18.10.1. Both Community and Enterprise editions are affected. The issue is resolved in the listed patched releases.", "description_and_impact": "GitLab Community Edition and Enterprise Edition contain a vulnerability that allows an authenticated user with minimal workspace permissions to bypass authorization checks and retrieve Jira Connect installation credentials. The attacker can then use those credentials to impersonate the GitLab application, effectively executing actions on behalf of the app. This permits unauthorized access to resources and data that should be protected, leading to potential compromise of confidentiality, integrity, and availability.", "risk_and_exploitability": "The vulnerability carries a CVSS score of 8.1, indicating high severity. Exploitation requires authenticated access with workspace permissions, so an attacker must first obtain valid credentials. No exploit probability was provided, and the issue is not listed in the CISA Known Exploited Vulnerabilities catalog. Until the patch is applied, the risk remains high for systems that handle sensitive data."}}}}, "created": "2026-03-30T06:57:59.787451+00:00", "updated": "2026-03-30T07:03:49.947841+00:00", "vendors": ["gitlab", "gitlab$PRODUCT$gitlab"]}