128 matches found
Vulnerability fixed in GitLab Enterprise Edition and Community Edition
GitLab has fixed a vulnerability in GitLab Enterprise Edition EE and Community Edition CE. A malicious person with user privileges could exploit the vulnerability to use a GraphQL endpoint to install rogue runners in any project within the environment and thus execute arbitrary code execute. GitL...
CVE-2023-30623
embano1/wip is a GitHub Action written in Bash. Prior to version 2, the embano1/wip action uses the github.event.pullrequest.title parameter in an insecure way. The title parameter is used in a run statement - resulting in a command injection vulnerability due to string interpolation. This...
PT-2023-22820 · Unknown · Embano1/Wip
Name of the Vulnerable Software and Affected Versions: embano1/wip versions prior to 2 Description: The embano1/wip action uses the github.event.pull request.title parameter in an insecure way, resulting in a command injection vulnerability due to string interpolation. This issue can be triggered...
CVE-2023-27581 github-slug-action vulnerable to arbitrary code execution
github-slug-action is a GitHub Action to expose slug value of GitHub environment variables inside of one's GitHub workflow. Starting in version 4.0.0 and prior to version 4.4.1, this action uses the github.headref parameter in an insecure way. This vulnerability can be triggered by any user on...
PT-2023-19310 · Microsoft · Azure/Setup-Kubectl
Name of the Vulnerable Software and Affected Versions: Azure/setup-kubectl versions prior to 3 Description: The issue arises from an insecure temporary creation of a file, allowing other actors on the Actions runner to replace the Kubectl binary created by this action because it is world writable...
CVE-2023-22381
A code injection vulnerability was identified in GitHub Enterprise Server that allowed setting arbitrary environment variables from a single environment variable value in GitHub Actions when using a Windows based runner. To exploit this vulnerability, an attacker would need existing permission to...
com.blazebit:blaze-persistence-integration-spring-data-testsuite-webflux-jakarta-runner (>=1.6.10 <=1.6.18), com.blazebit:blaze-persistence-integration-spring-data-testsuite-webmvc-jakarta-runner (>=1.6.10 <=1.6.18) +322 more potentially affected by CVE-2022-3143 via org.wildfly.security:wildfly-elytron (>=1.16.0.CR1 <=1.20.2.Final)
org.wildfly.security:wildfly-elytron MAVEN version =1.16.0.CR1, =1.6.10, =1.6.10, =6.2.0, =0.1.0, =1.0.1, =6.3.0, =0.1.0, =2.5.0.CR1, =2.0.0.Final, =2.0.0.Final, =2.0.0.Final, =1.3.0, =1.3.1 - io.thorntail:config-api =1.4.0 - io.thorntail:config-api-generator =1.4.0 and more Source cves:...
GitLab: Container escape on public GitLab CI runners
Summary It is possible to circumvent the isolation in place for build jobs running on public CI runners by escaping the docker container running the build job. This is possible via abuse of the cgroup releaseagent functionality, made possible by CI jobs being allowed to mount filesystems inside t...
code-runners.com Improper Access Control vulnerability OBB-2199101
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2021-22869
An improper access control vulnerability in GitHub Enterprise Server allowed a workflow job to execute in a self-hosted runner group it should not have had access to. This affects customers using self-hosted runner groups for access control. A repository with access to one enterprise runner group...
GitHub Enterprise Server 授权问题漏洞
GitHub Enterprise Server is Github an open source application. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. GitHub Enterprise Server has a security vulnerability that stems from an improper access contro...
Go-Shellcode - A Repository Of Windows Shellcode Runners And Supporting Utilities
go-shellcode is a repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API calls or techniques. The available Shellcode runners include: CreateFiber CreateProcess CreateProcessWithPipe CreateRemoteThread CreateRemoteThreadNati...
CVE-2020-13350
CSRF in runner administration page in all versions of GitLab CE/EE allows an attacker who's able to target GitLab instance administrators to pause/resume runners. Affected versions are =13.5.0, =13.4.0, 13.4.5,13.3.9...
Cross site request forgery (csrf)
CSRF in runner administration page in all versions of GitLab CE/EE allows an attacker who's able to target GitLab instance administrators to pause/resume runners. Affected versions are =13.5.0, =13.4.0, 13.4.5,13.3.9...
CVE-2020-13350
CSRF in runner administration page in all versions of GitLab CE/EE allows an attacker who's able to target GitLab instance administrators to pause/resume runners. Affected versions are =13.5.0, =13.4.0, 13.4.5,13.3.9...
UBUNTU-CVE-2020-13350
CSRF in runner administration page in all versions of GitLab CE/EE allows an attacker who's able to target GitLab instance administrators to pause/resume runners. Affected versions are =13.5.0, =13.4.0, 13.4.5,13.3.9...
CVE-2020-13350
CSRF in runner administration page in all versions of GitLab CE/EE allows an attacker who's able to target GitLab instance administrators to pause/resume runners. Affected versions are =13.5.0, =13.4.0, 13.4.5,13.3.9...
PT-2020-13491 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.3.0 through 13.3.8 GitLab CE/EE versions 13.4.0 through 13.4.4 GitLab CE/EE versions 13.5.0 through 13.5.1 Description: A CSRF issue in the runner administration page of GitLab CE/EE allows an attacker to target GitLa...
PT-2020-13436 · Gitlab · Gitlab Runner +1
Name of the Vulnerable Software and Affected Versions: GitLab Runner versions prior to 13.0.12 GitLab Runner versions prior to 13.1.6 GitLab Runner versions prior to 13.2.3 Description: The issue allows for Server-Side Request Forgery SSRF by replacing dockerd with a malicious server, making the...
Gitlab -- Multiple Vulnerabilities
The GitLab Team reports: Group Maintainers Can Update/Delete Group Runners Using API GraphQL Queries Can Hang the Application Unauthorized Users Have Access to Milestones of Releases Private Group Name Revealed Through Protected Tags API Users Can Publish Reviews on Locked Merge Requests DoS in t...