15 matches found
Linux Distros Unpatched Vulnerability : CVE-2022-2884
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in GitLab CE/EE affecting all versions from 11.3.4 prior to 15.1.5, 15.2 to 15.2.3, 15.3 to 15.3 to 15.3.1 allows an an authenticated user to...
GitLab 15.3 Remote Code Execution
Exploit Title: GitLab v15.3 - Remote Code Execution RCE Authenticated Date: 2022-12-25 Exploit Author: Antonio Francesco Sardella Vendor Homepage: https://about.gitlab.com/ Software Link: https://about.gitlab.com/install/ Version: GitLab CE/EE, all versions from 11.3.4 prior to 15.1.5, 15.2 to...
GitLab v15.3 - Remote Code Execution (Authenticated) Exploit
Exploit Title: GitLab v15.3 - Remote Code Execution RCE Authenticated Exploit Author: Antonio Francesco Sardella Vendor Homepage: https://about.gitlab.com/ Software Link: https://about.gitlab.com/install/ Version: GitLab CE/EE, all versions from 11.3.4 prior to 15.1.5, 15.2 to 15.2.3, 15.3 to...
GitLab v15.3 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: GitLab v15.3 - Remote Code Execution RCE Authenticated Date: 2022-12-25 Exploit Author: Antonio Francesco Sardella Vendor Homepage: https://about.gitlab.com/ Software Link: https://about.gitlab.com/install/ Version: GitLab CE/EE, all versions from 11.3.4 prior to 15.1.5, 15.2 to...
Exploit for OS Command Injection in Gitlab
gitlabrcecve-2022-2884 This is a Python3 program that explo...
CVE-2022-2884
A vulnerability in GitLab CE/EE affecting all versions from 11.3.4 prior to 15.1.5, 15.2 to 15.2.3, 15.3 to 15.3 to 15.3.1 allows an an authenticated user to achieve remote code execution via the Import from GitHub API endpoint...
CVE-2022-2884
A vulnerability in GitLab CE/EE affecting all versions from 11.3.4 prior to 15.1.5, 15.2 to 15.2.3, 15.3 to 15.3 to 15.3.1 allows an an authenticated user to achieve remote code execution via the Import from GitHub API endpoint...
CVE-2022-2884
A vulnerability in GitLab CE/EE affecting all versions from 11.3.4 prior to 15.1.5, 15.2 to 15.2.3, 15.3 to 15.3 to 15.3.1 allows an an authenticated user to achieve remote code execution via the Import from GitHub API endpoint...
CVE-2022-2884
CVE-2022-2884 affects GitLab CE/EE with authenticated remote code execution via the Import from GitHub API endpoint. Affected versions span from 11.3.4 up to 15.1.5, and also include 15.2.x (up to 15.2.3) and 15.3.x (up to 15.3.1), according to the vulnerability description. Public exploit activi...
Update now! GitLab issues critical security release for RCE vulnerability
GitLab has released versions 15.3.1, 15.2.3, 15.1.5 for GitLab Community Edition CE and Enterprise Edition EE. These versions contain important security fixes, and its recommended that all GitLab installations be upgraded to one of these versions immediately. GitLab.com is already running the...
Input validation flaw in GitLab’s Community and Enterprise Software
Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary A remote code execution vulnerability that affects GitLab Community Edition CE and Enterprise Edition EE has been identified as CVE-2022-2884. It can be exploited using the GitHub import API, However it...
GitLab: Remote Command Execution via Github import
Summary This is very similar to https://about.gitlab.com/releases/2022/08/22/critical-security-release-gitlab-15-3-1-released/Remote%20Command%20Execution%20via%20Github%20import and allows arbitrary redis commands to be injected when imported a GitHub repository. When importing a GitHub repo the...
GitLab Issues Patch for Critical Flaw in its Community and Enterprise Software
DevOps platform GitLab this week issued patches to address a critical security flaw in its software that could lead to arbitrary code execution on affected systems. Tracked as CVE-2022-2884, the issue is rated 9.9 on the CVSS vulnerability scoring system and impacts all versions of GitLab Communi...
CVE-2022-2884
creationtimestamp| type| source ---|---|--- 2022-08-23 21:14:03+00:00| seen| https://t.me/informationsecuritychannel/48290 2022-08-24 08:56:15+00:00| seen| https://t.me/habrcomnews/9214 2022-08-24 11:17:10+00:00| seen| https://t.me/codebysec/6456 2022-08-24 12:56:29+00:00| seen|...
FreeBSD : Gitlab -- Remote Code Execution (8a0cd618-22a0-11ed-b1e7-001b217b3468)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 8a0cd618-22a0-11ed-b1e7-001b217b3468 advisory. - Gitlab reports: Remote Command Execution via Github import CVE-2022-2884 Note that Nessus has not...