
10 matches found

RedhatCVE
added 2025/05/23 9:4 a.m., 2 views

CVE-2024-5258

An authorization vulnerability exists within GitLab from versions 16.10 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1 where an authenticated attacker could utilize a crafted naming convention to bypass pipeline authorization logic...

CVSS 4.4, AI score 6.7, EPSS 0.00275
Exploits: 1, References: 1
Circl
added 2025/01/13 9:11 a.m., 5 views

RHSA-2024:5258

creationtimestamp | type | source
---|---|---
2025-01-13 09:11:16+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/1356
2025-01-13 21:12:01+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/1393
2025-02-25 08:25:24+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/5260

...

AI score 4.8
Exploits: 0, References: 4
Tenable Nessus
added 2024/08/21 12:0 a.m., 30 views

Rocky Linux 8 : container-tools:rhel8 (RLSA-2024:5258)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:5258 advisory. golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 golang: net/http: memory exhaustion in...

CVSS 8.3, AI score 7.2, EPSS 0.01533
Exploits: 0, References: 17
Tenable Nessus
added 2024/08/14 12:0 a.m., 33 views

Oracle Linux 8 : container-tools:ol8 (ELSA-2024-5258)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-5258 advisory. aardvark-dns buildah 2:1.33.8-4 - rebuild for golang fixes - Related: RHEL-28452 cockpit-podman 84.1-1 - update to...

CVSS 8.3, AI score 6.9, EPSS 0.01533
Exploits: 0, References: 9
Tenable Nessus
added 2024/08/14 12:0 a.m., 48 views

AlmaLinux 8 : container-tools:rhel8 (ALSA-2024:5258)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:5258 advisory. golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 golang: net/http: memory exhaustion in...

CVSS 8.3, AI score 7.1, EPSS 0.01533
Exploits: 0, References: 9
NVD
added 2024/05/23 11:15 a.m., 27 views

CVE-2024-5258

An authorization vulnerability exists within GitLab from versions 16.10 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1 where an authenticated attacker could utilize a crafted naming convention to bypass pipeline authorization logic...

CVSS 4.4, AI score 4.3, EPSS 0.00275
Exploits: 1, References: 1
Vulnrichment
added 2024/05/23 11:2 a.m., 10 views

CVE-2024-5258 Authorization Bypass Through User-Controlled Key in GitLab

An authorization vulnerability exists within GitLab from versions 16.10 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1 where an authenticated attacker could utilize a crafted naming convention to bypass pipeline authorization logic...

CVSS 4.4, AI score 6.3, EPSS 0.00275
Exploits: 1, References: 1
CVE
added 2024/05/23 11:2 a.m., 554 views

CVE-2024-5258

CVE-2024-5258 is an authorization bypass in GitLab. The vulnerability affects GitLab releases: 16.10 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1, where an authenticated attacker could exploit a crafted naming convention to bypass pipeline authorization logic. The issue impacts th...

CVSS 4.4, AI score 6.1, EPSS 0.00275
Exploits: 1, References: 1, Affected Software: 1
Cvelist
added 2024/05/23 11:2 a.m., 31 views

CVE-2024-5258 Authorization Bypass Through User-Controlled Key in GitLab

An authorization vulnerability exists within GitLab from versions 16.10 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1 where an authenticated attacker could utilize a crafted naming convention to bypass pipeline authorization logic...

CVSS 4.4, AI score 4.2, EPSS 0.00275
Exploits: 1, References: 1
Tenable Nessus
added 2024/05/23 12:0 a.m., 24 views

GitLab 16.10 < 16.10.6 / 16.11 < 16.11.3 / 17.0 < 17.0.1 (CVE-2024-5258)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An authorization vulnerability exists within GitLab from versions 16.10 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1 where an authenticated attacker could utilize a crafted naming...

CVSS 4.4, AI score 5.6, EPSS 0.00275
Exploits: 1, References: 3