GHSA-965M-V4CC-6334 Unauthenticated Admission Webhook Endpoints in Yoke ATC

Unauthenticated Admission Webhook Endpoints in Yoke ATC This vulnerability exists in the Air Traffic Controller ATC component of Yoke, a Kubernetes deployment tool. The ATC webhook endpoints lack proper authentication mechanisms, allowing any pod within the cluster network to directly send...

Moderate: Red Hat Security Advisory: Assisted Installer RHEL 9 components for Multicluster Engine for Kubernetes 2.10.1

Assisted installer RHEL 9 components for the multicluster engine for Kubernetes 2.10.1 General Availability release, with updates to container images. Assisted Installer RHEL 9 integrates components for the general multicluster engine for Kubernetes 2.10.1 release that simplify the process of...

EUVD-2018-10557

Malware in sbrugna...

EUVD-2018-9203

Malware in sbrugna...

EUVD-2025-16136

Malicious code in bioql PyPI...

fleetdeck-poc

FleetDeck PoC !Go Versionhttps://img.shields.io/badge/go-...

BIT-GITLAB-2025-3111 Allocation of Resources Without Limits or Throttling in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 10.2 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. A lack of input validation in the Kubernetes integration could allow an authenticated user to cause denial of service...

CVE-2025-3111

An issue has been discovered in GitLab CE/EE affecting all versions from 10.2 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. A lack of input validation in the Kubernetes integration could allow an authenticated user to cause denial of service...

CVE-2025-3111

An issue has been discovered in GitLab CE/EE affecting all versions from 10.2 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. A lack of input validation in the Kubernetes integration could allow an authenticated user to cause denial of service...

UBUNTU-CVE-2025-3111

An issue has been discovered in GitLab CE/EE affecting all versions from 10.2 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. A lack of input validation in the Kubernetes integration could allow an authenticated user to cause denial of service...

CVE-2025-3111 Allocation of Resources Without Limits or Throttling in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 10.2 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. A lack of input validation in the Kubernetes integration could allow an authenticated user to cause denial of service...

CVE-2025-3111

CVE-2025-3111 affects GitLab CE/EE. The issue is caused by a lack of input validation in the Kubernetes integration, allowing an authenticated user to cause a denial of service across versions: 10.2 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. The provided documents do not specif...

CVE-2025-3111

Removed by vendor...

CVE-2025-3111 Allocation of Resources Without Limits or Throttling in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 10.2 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. A lack of input validation in the Kubernetes integration could allow an authenticated user to cause denial of service...

CVE-2025-3111 Allocation of Resources Without Limits or Throttling in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 10.2 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. A lack of input validation in the Kubernetes integration could allow an authenticated user to cause denial of service...

CVE-2019-15728

An issue was discovered in GitLab Community and Enterprise Edition 10.1 through 12.2.1. Protections against SSRF attacks on the Kubernetes integration are insufficient, which could have allowed an attacker to request any local network resource accessible from the GitLab server...

CVE-2018-17450

An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1. There is Server-Side Request Forgery SSRF via the Kubernetes integration, leading for example to disclosure of a GCP service token...

GitLab Enterprise Edition（EE）和GitLab Community Edition（CE） 安全漏洞

GitLab Enterprise Edition EE and GitLab Community Edition CE are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. GitLab Enterprise Edition is a content management system. A security vulnerability exists in GitLab Enterprise Edition EE and GitLab Community...

GitLab 10.2 < 17.10.7 / 17.11 < 17.11.3 / 18.0 < 18.0.1 (CVE-2025-3111)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab CE/EE affecting all versions from 10.2 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. A lack of input validation in the Kubernetes integration cou...

PT-2025-22477 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 10.2 through 17.10.6 GitLab CE/EE versions 17.11 through 17.11.2 GitLab CE/EE versions 18.0 through 18.0.0 Description: An issue has been discovered in GitLab CE/EE due to a lack of input validation in the Kubernetes...