110 matches found
GitLab 11.9 < 13.11.6 / 13.12 < 13.12.6 / 14.0 < 14.0.2 (CVE-2021-22223)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Client-Side code injection through Feature Flag name in GitLab CE/EE starting with 11.9 allows a specially crafted feature flag name to PUT requests on behalf of other users via clicking on a link...
Information Exposure
gitlab is vulnerable to Information Exposure. The vulnerability is due to supersidebarloggedout feature flag. When this feature flag is enabled, it may unintentionally disclose GitLab version metadata to unauthorized individuals...
Default configuration
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.0 before 16.3.6, all versions starting from 16.4 before 16.4.2, and all versions starting from 16.5.0 before 16.5.1 which have the supersidebarloggedout feature flag enabled. Affected versions with this...
CVE-2023-5831 Insertion of Sensitive Information Into Sent Data in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.0 before 16.3.6, all versions starting from 16.4 before 16.4.2, and all versions starting from 16.5.0 before 16.5.1 which have the supersidebarloggedout feature flag enabled. Affected versions with this...
GitLab Security Breach
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A security vulnerability exists in GitLab, which stems from the fact that...
MAL-2023-8045 Malicious code in feature-flag-framework (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware df4e8ce0407df917eafb41b7196edef8f261e63662349d90b1a5d6563cd6692c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in feature-flag-framework (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware df4e8ce0407df917eafb41b7196edef8f261e63662349d90b1a5d6563cd6692c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Cross-site Scripting (XSS)
gitlab is vulnerable to Cross-site Scripting XSS. The vulnerability exists in the Feature Flag name of the library, which allows an attacker to inject and execute malicious flag names through the PUT request by clicking on a link...
PT-2023-26479 · Typo3 · Typo3
Name of the Vulnerable Software and Affected Versions: TYPO3 versions 9.4.0 through 9.5.41 ELTS TYPO3 versions 10.4.0 through 10.4.38 ELTS TYPO3 versions 11.5.0 through 11.5.29 TYPO3 versions 12.4.0 through 12.4.3 Description: In multi-site scenarios, enumerating the HTTP query parameters id and ...
CVE-2023-23925
Switcher Client is a JavaScript SDK to work with Switcher API which is cloud-based Feature Flag. Unsanitized input flows into Strategy match operation EXIST, where it is used to build a regular expression. This may result in a Regular expression Denial of Service attack reDOS. This issue has been...
Design/Logic Flaw
Switcher Client is a JavaScript SDK to work with Switcher API which is cloud-based Feature Flag. Unsanitized input flows into Strategy match operation EXIST, where it is used to build a regular expression. This may result in a Regular expression Denial of Service attack reDOS. This issue has been...
CVE-2023-23925 Switcher Client contains Regular Expression Denial of Service (ReDoS)
Switcher Client is a JavaScript SDK to work with Switcher API which is cloud-based Feature Flag. Unsanitized input flows into Strategy match operation EXIST, where it is used to build a regular expression. This may result in a Regular expression Denial of Service attack reDOS. This issue has been...
CVE-2023-23925 Switcher Client contains Regular Expression Denial of Service (ReDoS)
Switcher Client is a JavaScript SDK to work with Switcher API which is cloud-based Feature Flag. Unsanitized input flows into Strategy match operation EXIST, where it is used to build a regular expression. This may result in a Regular expression Denial of Service attack reDOS. This issue has been...
Unbreakable Enterprise kernel security update
4.1.12-124.67.3 - media: imon: Fix null-ptr-deref in imonprobe Arvind Yadav Orabug: 31225377 CVE-2017-16537 - fbcon: remove soft scrollback code Linus Torvalds Orabug: 31914703 CVE-2020-14390 - inet: use bigger hash table for IP ID generation Eric Dumazet Orabug: 33778986 CVE-2021-45486 - ipv4:...
Sourcegraph gitserver sshCommand RCE
A vulnerability exists within Sourcegraph's gitserver component that allows a remote attacker to execute arbitrary OS commands by modifying the core.sshCommand value within the git configuration. This command can then be triggered on demand by executing a git push operation. The vulnerability was...
Sourcegraph gitserver sshCommand Remote Command Execution Exploit
A vulnerability exists within Sourcegraph's gitserver component that allows a remote attacker to execute arbitrary OS commands by modifying the core.sshCommand value within the git configuration. This command can then be triggered on demand by executing a git push operation. The vulnerability was...
GitLab: RCE via the DecompressedArchiveSizeValidator and Project BulkImports (behind feature flag)
Summary The DecompressedArchiveSizeValidator is used to check the size of a archive before extracting it: https://gitlab.com/gitlab-org/gitlab/-/blob/v15.1.0-ee/lib/gitlab/importexport/decompressedarchivesizevalidator.rbL82 ruby def command "gzip -dc @archivepath | wc -c" end def validate pgrp =...
Code injection
In Octopus Server after version 2022.1.1495 and before 2022.1.2647 if private spaces were enabled via the experimental feature flag all new users would have access to the Script Console within their private space...
Octopus Server 安全漏洞
Octopus Server is an automated deployment platform. A security vulnerability exists in Octopus Server versions after 2022.1.1495 and before 2022.1.2647, which stems from the fact that all new users can access the scripting console within their private space if private space is enabled via the...
Path traversal vulnerability in Blue Ocean Plugin
Blue Ocean Plugin 1.23.2 and earlier provides an undocumented feature flag, blueocean.features.GITREADSAVETYPE, that when set to the value clone allows an attacker with Item/Configure or Item/Create permission to read arbitrary files on the Jenkins controller file system. Blue Ocean Plugin 1.23.3...