7821 matches found

Vulnrichment
added 2023/05/03 12:00 a.m. · 6 views

CVE-2023-2069

An issue has been discovered in GitLab affecting all versions starting from 10.0 before 12.9.8, all versions starting from 12.10 before 12.10.7, all versions starting from 13.0 before 13.0.1. A user with the role of developer could use the import project feature to leak CI/CD variables...

CVSS 6.4 · AI score 6.3 · EPSS 0.00811
Exploits 0 · References 3

CNNVD
added 2023/05/03 12:00 a.m. · 4 views

GitLab security vulnerability

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A security vulnerability exists in GitLab, which stems from the fact that a us...

CVSS 6.4 · AI score 5.6 · EPSS 0.00811
Exploits 0 · References 5

Positive Technologies
added 2023/05/03 12:00 a.m. · 4 views

PT-2023-17555 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions 10.0 through 12.9.7 GitLab versions 12.10 through 12.10.6 GitLab versions 13.0 through 13.0.0 Description: An issue has been discovered in GitLab where a user with the role of developer could use the import project feature to...

CVSS 6.4 · AI score 4.9 · EPSS 0.00811
Exploits 0 · References 12

Tenable Nessus
added 2023/05/03 12:00 a.m. · 24 views

GLSA-202305-12 : sudo: Root Privilege Escalation

The remote host is affected by the vulnerability described in GLSA-202305-12 sudo: Root Privilege Escalation - In Sudo before 1.9.12p2, the sudoedit aka -e feature mishandles extra arguments passed in the user- provided environment variables SUDOEDITOR, VISUAL, and EDITOR, allowing a local attack...

CVSS 7.8 · AI score 8.2 · EPSS 0.55367
Exploits 20 · References 3

Debian CVE
added 2023/05/03 12:00 a.m. · 18 views

CVE-2023-2069

Removed by vendor...

CVSS 6.4 · AI score 6.2 · EPSS 0.00811
Exploits 0

FreeBSD
added 2023/05/02 12:00 a.m. · 31 views

Gitlab -- Multiple Vulnerabilities

Gitlab reports: Privilege escalation for external users when OIDC is enabled under certain conditions Account takeover through open redirect for Group SAML accounts Users on banned IP addresses can still commit to projects User with developer role group can modify Protected branches setting on...

CVSS 8.8 · AI score 7.2 · EPSS 0.01039
Exploits 1 · References 1

Tenable Nessus
added 2023/05/02 12:00 a.m. · 20 views

GitLab 10.0 < 12.9.8 / 12.10 < 12.10.7 / 13.0 < 13.0.1 (CVE-2023-2069)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab affecting all versions starting from 10.0 before 12.9.8, all versions starting from 12.10 before 12.10.7, all versions starting from 13.0 before 13.0.1. A user...

CVSS 6.4 · AI score 5.6 · EPSS 0.00811
Exploits 0 · References 4

Vulnrichment
added 2023/04/28 3:10 p.m. · 7 views

CVE-2023-30853 Gradle Build Action data written to GitHub Actions Cache may expose secrets

Gradle Build Action allows users to execute a Gradle Build in their GitHub Actions workflow. A vulnerability impacts GitHub workflows using the Gradle Build Action prior to version 2.4.2 that have executed the Gradle Build Tool with the configuration cache enabled, potentially exposing secrets...

CVSS 7.6 · AI score 7.6 · EPSS 0.00285
Exploits 0 · References 2

OSV
added 2023/04/26 8:15 p.m. · 1 view

CVE-2023-26567

Sangoma FreePBX 1805 through 2302 when obtained as an .ISO file places AMPDBUSER, AMPDBPASS, AMPMGRUSER, and AMPMGRPASS in the list of global variables. This exposes cleartext authentication credentials for the Asterisk Database MariaDB/MySQL and Asterisk Manager Interface. For example, an attack...

CVSS 8.1 · AI score 7.3
Exploits 0 · References 3

NVD
added 2023/04/26 8:15 p.m. · 21 views

CVE-2023-26567

Sangoma FreePBX 1805 through 2302 when obtained as an .ISO file places AMPDBUSER, AMPDBPASS, AMPMGRUSER, and AMPMGRPASS in the list of global variables. This exposes cleartext authentication credentials for the Asterisk Database MariaDB/MySQL and Asterisk Manager Interface. For example, an attack...

CVSS 8.1 · AI score 8.2 · EPSS 0.00649
Exploits 0 · References 3

CNNVD
added 2023/04/26 12:00 a.m. · 3 views

FreePBX security vulnerability

FreePBX formerly known as Asterisk Management Portal is a set of tools from the FreePBX project for configuring Asterisk an IP telephony system via a GUI web-based graphical interface. A security vulnerability exists in FreePBX that stems from the addition of the AMPDBUSER, AMPDBPASS, AMPMGRUSER,...

CVSS 8.1 · AI score 7.6 · EPSS 0.00649
Exploits 0 · References 4

Microsoft CVE
added 2023/04/24 7:00 a.m. · 4 views

ncurses before 6.4 20230408 when used by a setuid application allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.

...

CVSS 7.8 · AI score 6.7 · EPSS 0.00923
Exploits 1

CNNVD
added 2023/04/17 12:00 a.m. · 3 views

Mozilla Firefox security vulnerability

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in versions of Mozilla Firefox prior to 112, which stems from the fact that suggested filenames containing the names of environment variables are parsed in the current...

CVSS 6.5 · AI score 7.7 · EPSS 0.00584
Exploits 0 · References 6

BDU FSTEC
added 2023/04/17 12:00 a.m. · 4 views

The vulnerability of the MinIO object storage server arises from the exposure of all environment variables, including “MINIO_SECRET_KEY” and “MINIO_ROOT_PASSWORD”, which allow attackers to expose the protected information.

The vulnerability of the MinIO object storage server lies in the fact that all environment variables, including “MINIO_SECRET_KEY” and “MINIO_ROOT_PASSWORD”, are returned. Exploiting this vulnerability allows a malicious actor to expose the protected information...

CVSS 7.8 · AI score 7.8 · EPSS 0.83957
Exploits 13 · References 7 · Affected Software 2

NVD
added 2023/04/14 8:15 p.m. · 12 views

CVE-2023-29193

SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions. The spicedb serve command contains a flag named --grpc-preshared-key which is used to protect the gRPC API from being accessed by unauthorized requests. The...

CVSS 8.7 · AI score 8.8 · EPSS 0.00762
Exploits 0 · References 3

CVE
added 2023/04/14 7:01 p.m. · 512 views

CVE-2023-29193

CVE-2023-29193 affects SpiceDB. The issue: the metrics service exposes the /debug/pprof/cmdline endpoint, which can reveal the spiceDB server’s command-line flags, including a configured --grpc-preshared-key, if exposed publicly on the metrics port. Impact: most production deployments following r...

CVSS 8.7 · AI score 8.2 · EPSS 0.00762
Exploits 0 · References 3 · Affected Software 1

Cvelist
added 2023/04/14 7:01 p.m. · 28 views

CVE-2023-29193 SpiceDB binding metrics port to untrusted networks and can leak command-line flags

SpiceDB is an open source, Google Zanzibar-inspired, database system for creating and managing security-critical application permissions. The spicedb serve command contains a flag named --grpc-preshared-key which is used to protect the gRPC API from being accessed by unauthorized requests. The...

CVSS 8.7 · AI score 9 · EPSS 0.00762
Exploits 0 · References 3

SUSE CVE
added 2023/04/14 1:51 a.m. · 2 views

SUSE CVE-2023-29491

ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...

CVSS 6.5 · AI score 8.2 · EPSS 0.00923
Exploits 1 · References 99

OSV
added 2023/04/14 1:15 a.m. · 3 views

ALPINE-CVE-2023-29491

ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable...

CVSS 7.8 · AI score 6.7 · EPSS 0.00923
Exploits 1 · References 1

Github Security Blog
added 2023/04/13 5:53 p.m. · 44 views

SpiceDB binding metrics port to untrusted networks and can leak command-line flags

Background The spicedb serve command contains a flag named --grpc-preshared-key which is used to protect the gRPC API from being accessed by unauthorized requests. The values of this flag are to be considered sensitive, secret data. The /debug/pprof/cmdline endpoint served by the metrics service...

CVSS 8.7 · AI score 7.5 · EPSS 0.00762
Exploits 0 · References 5 · Affected Software 1