GitLab 12.5 < 17.2.9 / 17.3 < 17.3.5 / 17.4 < 17.4.2 (CVE-2024-9164)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: Gitlab reports: Run pipelines on arbitrary branches; An attacker can impersonate arbitrary user; SSRF in Analytics Dashboard; Viewing diffs of MR with conflicts can be slow; HTMLi in OAuth page; Deploy Key...
CVE-2024-9623
An issue was discovered in GitLab CE/EE affecting all versions starting from 8.16 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, which allows deploy keys to push to an archived repository...
UBUNTU-CVE-2024-9623
An issue was discovered in GitLab CE/EE affecting all versions starting from 8.16 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, which allows deploy keys to push to an archived repository...
CVE-2024-9623 Incorrect Authorization in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 8.16 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, which allows deploy keys to push to an archived repository...
CVE-2024-9623 Incorrect Authorization in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 8.16 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, which allows deploy keys to push to an archived repository...
CVE-2024-9623
CVE-2024-9623 affects GitLab CE/EE versions from 8.16 before 17.2.9, from 17.3 before 17.3.5, and from 17.4 before 17.4.2, enabling deploy keys to push to archived repositories. The connected documents confirm the affected ranges and the action (deploy key abuse), but no explicit root-cause details beyond the described behavior ar...
CVE-2024-9623 Incorrect Authorization in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 8.16 prior to 17.2.9, starting from 17.3 prior to 17.3.5, and starting from 17.4 prior to 17.4.2, which allows deploy keys to push to an archived repository...
CVE-2024-9623
Removed by vendor...
FreeBSD : Gitlab -- vulnerabilities (cc1ac01e-86b0-11ef-9369-2cf05da270f3)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the cc1ac01e-86b0-11ef-9369-2cf05da270f3 advisory. Gitlab reports: Run pipelines on arbitrary branches; An attacker can impersonate arbitrary user...
Gitlab -- vulnerabilities
Gitlab reports: Run pipelines on arbitrary branches; An attacker can impersonate arbitrary user; SSRF in Analytics Dashboard; Viewing diffs of MR with conflicts can be slow; HTMLi in OAuth page; Deploy Keys can push changes to an archived repository; Guests can disclose project templates; GitLab instanc...
LoadZilla LoadLogic Security Vulnerability
LoadZilla LoadLogic is an application from LoadZilla, Inc. A security vulnerability exists in LoadZilla LoadLogic v1.4.3. An attacker can exploit the vulnerability to execute arbitrary code via the LogicLoadEc2DeployLambda and CredsGenFunction functions...
RHSA-2015:1092 Red Hat Security Advisory: ceph-deploy security update
Bulletin has no description...
better-lambda-deploy (>=0.0.4 <=0.6.9) potentially affected by unknown CVE via aws-sam-cli (>=0.40.0 <=0.53.0)
aws-sam-cli PYPI version =0.40.0, =0.0.4, =0.6.9 Source cves: unknown CVE Source advisory: OSV:GHSA-RJC6-VM4H-85CG...
CVE-2024-34019
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy Windows before build 4569...
CVE-2024-34019
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy Windows before build 4569...
CVE-2024-34017
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy Windows before build 4569...
CVE-2024-34018
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Snap Deploy Windows before build 4569...
CVE-2024-34017
Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy Windows before build 4569...
CVE-2024-34018
Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Snap Deploy Windows before build 4569...
CVE-2024-34018
CVE-2024-34018 affects Acronis Snap Deploy for Windows, prior to build 4569. The root cause is insecure folder permissions that permit disclosure of sensitive information. Impact is described as a sensitive information disclosure with a local attack vector; the vulnerability is tied to the Window...