CVE-2022-2997: Session Fixation

August 25, 2022 (updated September 1, 2022)

Session Fixation in GitHub repository snipe/snipe-it prior to 6.0.10.

References

github.com/advisories/GHSA-cmxc-9ghj-jp87
github.com/snipe/snipe-it/commit/6fde72a69335c80079363b7d26aa94e7f67400e1
huntr.dev/bounties/c09bf21b-50d2-49f0-8c92-49f6b3c358d8
nvd.nist.gov/vuln/detail/CVE-2022-2997

Detect and mitigate CVE-2022-2997 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →