Lucene search
+L

119 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:59 a.m.7 views

CVE-2023-1401

An issue has been discovered in GitLab DAST scanner affecting all versions starting from 3.0.29 before 4.0.5, in which the DAST scanner leak cross site cookies on redirect during authorization...

5CVSS6.6AI score0.00432EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:51 a.m.5 views

CVE-2023-0326

An issue has been discovered in GitLab DAST API scanner affecting all versions starting from 1.6.50 before 2.11.0, where Authorization headers was leaked in vulnerability report evidence...

5CVSS4.9AI score0.00802EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:2 a.m.10 views

CVE-2022-4315

An issue has been discovered in GitLab DAST analyzer affecting all versions starting from 2.0 before 3.0.55, which sends custom request headers with every request on the authentication page...

6.5CVSS6.8AI score0.00805EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:57 p.m.5 views

CVE-2022-4206

A sensitive information leak issue has been discovered in all versions of DAST API scanner from 1.6.50 prior to 2.0.102, exposing the Authorization header in the vulnerability report...

6.5CVSS6.3AI score0.00636EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:54 p.m.9 views

CVE-2022-4317

An issue has been discovered in GitLab DAST analyzer affecting all versions starting from 1.47 before 3.0.51, which sends custom request headers in redirects...

6.1CVSS6.6AI score0.00541EPSS
Exploits1References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/04/02 5:19 a.m.4 views

Malicious code in nemo-dast-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 38ea0189209023ae2d04586bfbc3d791022f0fa6052dee65ec03832a80ce67a1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References3
OSV
OSV
added 2025/04/02 5:19 a.m.2 views

MAL-2025-3073 Malicious code in nemo-dast-plugin (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 38ea0189209023ae2d04586bfbc3d791022f0fa6052dee65ec03832a80ce67a1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/03/13 9:16 p.m.4 views

Malicious code in mocha-dast-reporter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 09f8297f30739d5810d9dfb46db787d2d403256217f71cbd9b85c5e8671ff8f6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.8AI score
Exploits0References1
OSV
OSV
added 2025/03/13 9:16 p.m.5 views

MAL-2025-2344 Malicious code in mocha-dast-reporter (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 09f8297f30739d5810d9dfb46db787d2d403256217f71cbd9b85c5e8671ff8f6 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 12:52 a.m.13 views

CVE-2022-3767

Missing validation in DAST analyzer affecting all versions from 1.11.0 prior to 3.0.32, allows custom request headers to be sent with every request, regardless of the host...

7.7CVSS6.6AI score0.00746EPSS
Exploits1
OSV
OSV
added 2024/11/05 7:26 a.m.26 views

BIT-GITLAB-2022-4315

An issue has been discovered in GitLab DAST analyzer affecting all versions starting from 2.0 before 3.0.55, which sends custom request headers with every request on the authentication page...

6.5CVSS6.4AI score0.00805EPSS
Exploits1References3
Packet Storm
Packet Storm
added 2024/09/30 12:0 a.m.1126 views

VegaBird Vooki 5.2.9 DLL Hijacking

==================================== CVE ID: CVE-2024-45874 Author: Iulian Florea Vendor: VegaBird Product: Vooki - Dynamic Web Application & REST API Vulnerability Scanner DAST Tool Vulnerability Type: DLL Hijacking ==================================== ==================================== Summar...

7.4AI score0.00726EPSS
Exploits1
OSV
OSV
added 2024/09/14 7:17 a.m.15 views

BIT-GITLAB-2024-2743 Incorrect Authorization in GitLab

An issue was discovered in GitLab-EE starting with version 13.3 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2 that would allow an attacker to modify an on-demand DAST scan without permissions and leak variables...

9.1CVSS6.8AI score0.00403EPSS
Exploits0References4
NVD
NVD
added 2024/09/12 5:15 p.m.14 views

CVE-2024-2743

An issue was discovered in GitLab-EE starting with version 13.3 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2 that would allow an attacker to modify an on-demand DAST scan without permissions and leak variables...

9.1CVSS0.00403EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/09/12 4:57 p.m.22 views

CVE-2024-2743 Incorrect Authorization in GitLab

An issue was discovered in GitLab-EE starting with version 13.3 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2 that would allow an attacker to modify an on-demand DAST scan without permissions and leak variables...

5.3CVSS6.8AI score0.00403EPSS
Exploits0References2
CVE
CVE
added 2024/09/12 4:57 p.m.82 views

CVE-2024-2743

CVE-2024-2743 affects GitLab-EE: vulnerable in versions 13.3–before 17.1.7, 17.2–before 17.2.5, and 17.3–before 17.3.2. Root cause described as incorrect authorization that allows an attacker to modify an on-demand DAST scan without permissions and leak variables. Impact is the ability to alter s...

9.1CVSS6.9AI score0.00403EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2024/09/12 4:57 p.m.27 views

CVE-2024-2743 Incorrect Authorization in GitLab

An issue was discovered in GitLab-EE starting with version 13.3 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2 that would allow an attacker to modify an on-demand DAST scan without permissions and leak variables...

5.3CVSS0.00403EPSS
Exploits0References2
OSV
OSV
added 2024/09/12 4:57 p.m.15 views

CVE-2024-2743 Incorrect Authorization in GitLab

An issue was discovered in GitLab-EE starting with version 13.3 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2 that would allow an attacker to modify an on-demand DAST scan without permissions and leak variables...

5.3CVSS6.5AI score0.00403EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2024/09/12 4:57 p.m.20 views

CVE-2024-2743

Removed by vendor...

9.1CVSS5.8AI score0.00403EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/09/12 12:0 a.m.24 views

GitLab 13.3 < 17.1.7 / 17.2 < 17.2.5 / 17.3 < 17.3.2 (CVE-2024-2743)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue was discovered in GitLab-EE starting with version 13.3 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2 that would allow an attacker to modify an on-demand DAST scan without...

9.1CVSS5.6AI score0.00403EPSS
Exploits0References4
Rows per page
Query Builder