9 matches found
LINE client for iOS vulnerable to universal cross-site scripting
Overview The in-app browser of LINE client for iOS provided by LY Corporation contains a universal cross-site scripting vulnerability CWE-79, CVE-2024-5739. LY Corporation reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. Impact If a user clicks a malicious...
CVE-2024-5739
The in-app browser of LINE client for iOS versions below 14.9.0 contains a Universal XSS UXSS vulnerability. This vulnerability allows for cross-site scripting XSS where arbitrary JavaScript can be executed in the top frame from an embedded iframe on any displayed web site within the in-app...
PT-2024-37114
Name of the Vulnerable Software and Affected Versions: LINE client for iOS versions prior to 14.9.0 Description: The in-app browser of the LINE client contains a Universal XSS UXSS vulnerability, allowing for cross-site scripting XSS where arbitrary JavaScript can be executed in the top frame fro...
GitLab 13.2 < 14.8.6, 14.9.0 < 14.9.4, 14.10 < 14.10.1 Information Disclosure Vulnerability
GitLab is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if...
GitLab 1.0.2 < 14.8.6, 14.9.0 < 14.9.4, 14.10.0 < 14.10.1 Multiple Vulnerabilities
GitLab is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if description...
PT-2022-13876 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 1.0.2 through 14.8.5 GitLab CE/EE versions 14.9.0 through 14.9.3 GitLab CE/EE versions 14.10.0 Description: The issue is related to improper access control in the CI/CD cache mechanism, allowing a malicious actor with...
PT-2022-13869 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 1.0.2 through 14.8.6 GitLab CE/EE versions 14.9.0 through 14.9.4 GitLab CE/EE versions 14.10.0 through 14.10.1 Description: The issue is related to missing input masking in GitLab CE/EE, which causes potentially sensitiv...
GitLab 8.12.0 < 14.8.6 / 14.9.0 < 14.9.4 / 14.10.0 < 14.10.1 (CVE-2022-1406)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Improper input validation in GitLab CE/EE affecting all versions from 8.12 prior to 14.8.6, all versions from 14.9.0 prior to 14.9.4, and 14.10.0 allows a Developer to read protected Group or Project...
PT-2022-13699 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 10 through 14.7.7 GitLab CE/EE versions 14.8.0 through 14.8.5 GitLab CE/EE versions 14.9.0 through 14.9.2 Description: A denial of service issue occurs when rendering RDoc files, allowing an attacker to crash the GitLab...