Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-27140

Malicious code in bioql PyPI...

6.8CVSS6.6AI score0.00651EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-2177

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Cross Window Forgery vulnerability exists within GitLab CE/EE affecting all versions from 16.3 prior to 16.11.5, 17.0 prior to 17.0.3, and 17.1 prior to 17.1....

6.8CVSS5.9AI score0.00651EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/05/10 12:0 a.m.7 views

FreeBSD : Gitlab -- vulnerabilities (6943cbf2-2d55-11f0-9471-2cf05da270f3)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 6943cbf2-2d55-11f0-9471-2cf05da270f3 advisory. Gitlab reports: Partial Bypass for Device OAuth flow using Cross Window Forgery Denial of...

7.5CVSS5.6AI score0.00333EPSS
Exploits1References5
FreeBSD
FreeBSD
added 2025/05/07 12:0 a.m.27 views

Gitlab -- vulnerabilities

Gitlab reports: Partial Bypass for Device OAuth flow using Cross Window Forgery Denial of service by abusing Github import API Group IP restriction bypass allows disclosing issue title of restricted project...

6.8CVSS7AI score0.0033EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2024/10/09 12:0 a.m.7 views

The vulnerability of the OAuth-based software platform implementation for Git-based collaborative code development on GitLab allows a perpetrator to carry out a Cross-Window Forgery attack.

The vulnerability of the OAuth-based software platform’s implementation for collaborative code development on GitLab is related to an incorrect restriction on the visible layers of the user interface. Exploiting this vulnerability could allow a malicious actor to execute a Cross-Window Forgery...

7.1CVSS6AI score0.00651EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2024/07/11 7:25 a.m.22 views

BIT-GITLAB-2024-2177 Improper Restriction of Rendered UI Layers or Frames in GitLab

A Cross Window Forgery vulnerability exists within GitLab CE/EE affecting all versions from 16.3 prior to 16.11.5, 17.0 prior to 17.0.3, and 17.1 prior to 17.1.1. This condition allows for an attacker to abuse the OAuth authentication flow via a crafted payload...

6.8CVSS6.5AI score0.00651EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/07/10 12:0 a.m.27 views

GitLab 16.3 < 16.11.5 / 17.0 < 17.0.3 / 17.1 < 17.1.1 (CVE-2024-2177)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A Cross Window Forgery vulnerability exists within GitLab CE/EE affecting all versions from 16.3 prior to 16.11.5, 17.0 prior to 17.0.3, and 17.1 prior to 17.1.1. This condition allows for an attacker...

6.8CVSS6AI score0.00651EPSS
Exploits1References4
NVD
NVD
added 2024/07/09 2:15 p.m.23 views

CVE-2024-2177

A Cross Window Forgery vulnerability exists within GitLab CE/EE affecting all versions from 16.3 prior to 16.11.5, 17.0 prior to 17.0.3, and 17.1 prior to 17.1.1. This condition allows for an attacker to abuse the OAuth authentication flow via a crafted payload...

6.8CVSS0.00651EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2024/07/09 2:15 p.m.32 views

CVE-2024-2177

A Cross Window Forgery vulnerability exists within GitLab CE/EE affecting all versions from 16.3 prior to 16.11.5, 17.0 prior to 17.0.3, and 17.1 prior to 17.1.1. This condition allows for an attacker to abuse the OAuth authentication flow via a crafted payload...

6.8CVSS6AI score0.00651EPSS
Exploits1References3
OSV
OSV
added 2024/07/09 2:15 p.m.3 views

UBUNTU-CVE-2024-2177

A Cross Window Forgery vulnerability exists within GitLab CE/EE affecting all versions from 16.3 prior to 16.11.5, 17.0 prior to 17.0.3, and 17.1 prior to 17.1.1. This condition allows for an attacker to abuse the OAuth authentication flow via a crafted payload...

6.8CVSS5.8AI score0.00651EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2024/07/09 1:30 p.m.31 views

CVE-2024-2177 Improper Restriction of Rendered UI Layers or Frames in GitLab

A Cross Window Forgery vulnerability exists within GitLab CE/EE affecting all versions from 16.3 prior to 16.11.5, 17.0 prior to 17.0.3, and 17.1 prior to 17.1.1. This condition allows for an attacker to abuse the OAuth authentication flow via a crafted payload...

6.8CVSS6.7AI score0.00651EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/07/09 1:30 p.m.37 views

CVE-2024-2177 Improper Restriction of Rendered UI Layers or Frames in GitLab

A Cross Window Forgery vulnerability exists within GitLab CE/EE affecting all versions from 16.3 prior to 16.11.5, 17.0 prior to 17.0.3, and 17.1 prior to 17.1.1. This condition allows for an attacker to abuse the OAuth authentication flow via a crafted payload...

6.8CVSS0.00651EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2024/07/09 1:30 p.m.20 views

CVE-2024-2177

Removed by vendor...

6.8CVSS6AI score0.00651EPSS
Exploits1
OSV
OSV
added 2024/07/09 1:30 p.m.19 views

CVE-2024-2177 Improper Restriction of Rendered UI Layers or Frames in GitLab

A Cross Window Forgery vulnerability exists within GitLab CE/EE affecting all versions from 16.3 prior to 16.11.5, 17.0 prior to 17.0.3, and 17.1 prior to 17.1.1. This condition allows for an attacker to abuse the OAuth authentication flow via a crafted payload...

6.8CVSS6.6AI score0.00651EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/02/21 12:0 a.m.3 views

PT-2024-6686 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 16.3 through 16.11.4 GitLab CE/EE versions 17.0 through 17.0.2 GitLab CE/EE versions 17.1 through 17.1.0 Description: A Cross Window Forgery issue exists within GitLab CE/EE due to an incorrect restriction of visualizabl...

7.1CVSS6.8AI score0.00651EPSS
Exploits1References16
Rows per page
Query Builder