10 matches found
CVE-2024-5258
An authorization vulnerability exists within GitLab from versions 16.10 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1 where an authenticated attacker could utilize a crafted naming convention to bypass pipeline authorization logic...
RHSA-2024:5258
creationtimestamp| type| source ---|---|--- 2025-01-13 09:11:16+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1356 2025-01-13 21:12:01+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/1393 2025-02-25 08:25:24+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5260...
Rocky Linux 8 : container-tools:rhel8 (RLSA-2024:5258)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:5258 advisory. golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 golang: net/http: memory exhaustion in...
Oracle Linux 8 : container-tools:ol8 (ELSA-2024-5258)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-5258 advisory. aardvark-dns buildah 2:1.33.8-4 - rebuild for golang fixes - Related: RHEL-28452 cockpit-podman 84.1-1 - update to...
AlmaLinux 8 : container-tools:rhel8 (ALSA-2024:5258)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:5258 advisory. golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads CVE-2024-1394 golang: net/http: memory exhaustion in...
CVE-2024-5258
An authorization vulnerability exists within GitLab from versions 16.10 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1 where an authenticated attacker could utilize a crafted naming convention to bypass pipeline authorization logic...
CVE-2024-5258 Authorization Bypass Through User-Controlled Key in GitLab
An authorization vulnerability exists within GitLab from versions 16.10 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1 where an authenticated attacker could utilize a crafted naming convention to bypass pipeline authorization logic...
CVE-2024-5258
CVE-2024-5258 is an authorization bypass in GitLab. The vulnerability affects GitLab releases: 16.10 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1, where an authenticated attacker could exploit a crafted naming convention to bypass pipeline authorization logic. The issue impacts th...
CVE-2024-5258 Authorization Bypass Through User-Controlled Key in GitLab
An authorization vulnerability exists within GitLab from versions 16.10 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1 where an authenticated attacker could utilize a crafted naming convention to bypass pipeline authorization logic...
GitLab 16.10 < 16.10.6 / 16.11 < 16.11.3 / 17.0 < 17.0.1 (CVE-2024-5258)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An authorization vulnerability exists within GitLab from versions 16.10 before 16.10.6, 16.11 before 16.11.3, and 17.0 before 17.0.1 where an authenticated attacker could utilize a crafted naming...