9 matches found
EUVD-2024-44468
Malicious code in bioql PyPI...
BIT-GITLAB-2024-4901 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, where a stored XSS vulnerability could be imported from a project with malicious commit notes...
CVE-2024-4901
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, where a stored XSS vulnerability could be imported from a project with malicious commit notes...
UBUNTU-CVE-2024-4901
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, where a stored XSS vulnerability could be imported from a project with malicious commit notes...
CVE-2024-4901 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, where a stored XSS vulnerability could be imported from a project with malicious commit notes...
CVE-2024-4901 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to 16.11.5, starting from 17.0 prior to 17.0.3, and starting from 17.1 prior to 17.1.1, where a stored XSS vulnerability could be imported from a project with malicious commit notes...
CVE-2024-4901
CVE-2024-4901 affects GitLab CE/EE: a stored XSS vulnerability that could be imported from a project with malicious commit notes. Root cause cited as improper neutralization of input during web page generation. Affected versions: GitLab 16.9–16.11.4, 17.0.0–17.0.2, and 17.1.0–17.1.0 (and similar ...
PT-2024-6674 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 16.9 through 16.11.5 GitLab CE/EE versions 17.0 through 17.0.3 GitLab CE/EE versions 17.1 through 17.1.1 Description: The issue is related to a stored XSS vulnerability that can be imported from a project with malicious...
nistec has Incorrect Calculation in Multiplication of unreduced P-256 scalars
Multiplication of certain unreduced P-256 scalars produce incorrect results. There are no protocols known at this time that can be attacked due to this. From the fix commit notes: Unlike the rest of nistec, the P-256 assembly does not use complete addition formulas, meaning that...