EUVD-2022-51566
Malicious code in bioql PyPI...
CVE-2022-4206
A sensitive information leak issue has been discovered in all versions of DAST API scanner from 1.6.50 prior to 2.0.102, exposing the Authorization header in the vulnerability report...
PT-2023-17144 · Gitlab · Gitlab Dast Api Scanner
Name of the Vulnerable Software and Affected Versions: GitLab DAST API scanner versions 1.6.50 through 2.10.x Description: An issue has been discovered in the GitLab DAST API scanner where Authorization headers were leaked in vulnerability report evidence. Recommendations: For versions 1.6.50...
Authorization
An issue has been discovered in GitLab DAST API scanner affecting all versions starting from 1.6.50 before 2.11.0, where Authorization headers were leaked in vulnerability report evidence...
CVE-2023-0326
Summary of CVE-2023-0326 (GitLab DAST API Scanner): Affects GitLab DAST API scanner versions 1.6.50 through 2.11.0. The root cause is leakage of Authorization headers in vulnerability report evidence, exposing credentials in reports. Documented impact is access to sensitive authorization data via...
Authorization
A sensitive information leak issue has been discovered in all versions of DAST API scanner from 1.6.50 prior to 2.0.102, exposing the Authorization header in the vulnerability report...
PT-2023-14064 · Unknown · Dast Api Scanner
Name of the Vulnerable Software and Affected Versions: DAST API scanner versions 1.6.50 through 2.0.101 Description: A sensitive information leak issue has been discovered, exposing the Authorization header in the vulnerability report. This issue affects all versions of the DAST API scanner prior...
CVE-2022-4206
The CVE-2022-4206 entry describes a sensitive information leak in the DAST API Scanner: all versions from 1.6.50 through 2.0.101 expose the Authorization header in vulnerability reports. Root cause is an information disclosure within the vulnerability report generation. Impact is confidentiality ...
FreeBSD : Gitlab -- Multiple Vulnerabilities (3cde510a-7135-11ed-a28b-bff032704f00)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 3cde510a-7135-11ed-a28b-bff032704f00 advisory. - Gitlab reports: DAST API scanner exposes Authorization headers in vulnerabilities Group IP...
GitLab CE/EE Security Vulnerability
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A security vulnerability exists in GitLab CE/EE that stems from its DAST API...
VOOKI - Web Application Vulnerability Scanner
Vooki is a free web application vulnerability scanner. It is a user-friendly tool that lets you easily scan any web application and find its vulnerabilities. Vooki includes a Web Application Scanner, a REST API Scanner, and a reporting section. Vooki – Web Application Scanner can help you to find the...
openSUSE Security Update : curl (openSUSE-2015-125)
curl was updated to version 7.40.0 to fix two security issues. These security issues were fixed: - CVE-2014-8150: CRLF injection vulnerability in libcurl 6.0 through 7.x before 7.40.0, when using an HTTP proxy, allowed remote attackers to inject arbitrary HTTP headers and conduct HTTP response...
FreeBSD : mozilla -- multiple vulnerabilities (9c1495ac-8d8c-4789-a0f3-8ca6b476619c)
The Mozilla Project reports : MFSA 2014-74 Miscellaneous memory safety hazards rv:33.0 / rv:31.2 MFSA 2014-75 Buffer overflow during CSS manipulation MFSA 2014-76 Web Audio memory corruption issues with custom waveforms MFSA 2014-78 Further uninitialized memory use during GIF MFSA 2014-79...