CVE-2022-0203: Missing Authorization

January 27, 2022 (updated February 10, 2022)

Improper Access Control in GitHub repository crater-invoice/crater prior to 6.0.2.

References

github.com/advisories/GHSA-xh9g-cp3v-p8q4
github.com/crater-invoice/crater/commit/dd324c8bb6b17009f82afe8bc830caec7241e992
huntr.dev/bounties/395fc553-2b90-4e69-ba07-a316e1c06406
nvd.nist.gov/vuln/detail/CVE-2022-0203

Detect and mitigate CVE-2022-0203 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →