
7439 matches found

NVD
added 2025/01/24 3:15 a.m. | 6 views

CVE-2024-11931

An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to 17.6.4, from 17.7 prior to 17.7.3, and from 17.8 prior to 17.8.1. Under certain conditions, it may have been possible for users with developer role to exfiltrate protected CI variables via CI lint...

6.4 CVSS | 0.0031 EPSS
Exploits: 1 | References: 2

Cvelist
added 2025/01/24 3:2 a.m. | 10 views

CVE-2024-11931 Insufficient Granularity of Access Control in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to 17.6.4, from 17.7 prior to 17.7.3, and from 17.8 prior to 17.8.1. Under certain conditions, it may have been possible for users with developer role to exfiltrate protected CI variables via CI lint...

6.4 CVSS | 0.0031 EPSS
Exploits: 1 | References: 1

Vulnrichment
added 2025/01/24 3:2 a.m. | 8 views

CVE-2024-11931 Insufficient Granularity of Access Control in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to 17.6.4, from 17.7 prior to 17.7.3, and from 17.8 prior to 17.8.1. Under certain conditions, it may have been possible for users with developer role to exfiltrate protected CI variables via CI lint...

6.4 CVSS | 6.3 AI score | 0.0031 EPSS
Exploits: 1 | References: 1

CVE
added 2025/01/24 3:2 a.m. | 296 views

CVE-2024-11931

GitLab CVE-2024-11931 affects GitLab CE/EE versions 17.0–17.6.3, 17.7–17.7.2, and 17.8–17.8.0, enabling developers to exfiltrate protected CI variables via CI lint under certain conditions. The connected docs do not provide a detailed root cause beyond the issue description. A patch release (GitL...

6.4 CVSS | 6.3 AI score | 0.0031 EPSS
Exploits: 1 | References: 2 | Affected Software: 1

OSV
added 2025/01/24 3:2 a.m. | 2 views

CVE-2024-11931 Insufficient Granularity of Access Control in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 17.0 prior to 17.6.4, from 17.7 prior to 17.7.3, and from 17.8 prior to 17.8.1. Under certain conditions, it may have been possible for users with developer role to exfiltrate protected CI variables via CI lint...

6.4 CVSS | 6.4 AI score | 0.0031 EPSS
Exploits: 1 | References: 5

Positive Technologies
added 2025/01/24 12:0 a.m. | 3 views

PT-2025-1718 · Gitlab · Gitlab Ce/Ee

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 17.0 through 17.6.3; GitLab CE/EE versions 17.7 through 17.7.2; GitLab CE/EE versions 17.8 through 17.8.0. Description: An issue has been discovered in GitLab CE/EE that affects users with a developer role, allowing them to...

6.4 CVSS | 6.4 AI score | 0.0031 EPSS
Exploits: 1 | References: 14

Spring Security Advisories
added 2025/01/23 12:0 a.m. | 7 views

A Bootiful Podcast: Java Developer Advocate Billy Korando on JavaOne 2025, Java 24, and so much more

Hi, Spring fans! In this installment I talk to Java developer advocate Billy Korando about the latest and greatest in the amazing Java ecosystem! java JavaOne Oracle...

7.2 AI score
Exploits: 0

ATTACKERKB
added 2025/01/22 3:15 p.m. | 1 view

CVE-2025-23701

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in limesquare Lime Developer Login lime-developer-login allows Reflected XSS. This issue affects Lime Developer Login: from n/a through <= 1.4.0...

7.1 CVSS | 7.2 AI score | 0.0036 EPSS
Exploits: 0 | References: 3

NVD
added 2025/01/22 3:15 p.m. | 5 views

CVE-2025-23701

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in limesquare Lime Developer Login lime-developer-login allows Reflected XSS. This issue affects Lime Developer Login: from n/a through <= 1.4.0...

7.1 CVSS | 0.0036 EPSS
Exploits: 0 | References: 1

Cvelist
added 2025/01/22 2:29 p.m. | 15 views

CVE-2025-23701 WordPress Lime Developer Login plugin <= 1.4.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in limesquare Lime Developer Login lime-developer-login allows Reflected XSS. This issue affects Lime Developer Login: from n/a through <= 1.4.0...

7.1 CVSS | 0.0036 EPSS
Exploits: 0 | References: 1

Vulnrichment
added 2025/01/22 2:29 p.m. | 6 views

CVE-2025-23701 WordPress Lime Developer Login plugin <= 1.4.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matthew Blackford, LimeSquare Pty Ltd Lime Developer Login allows Reflected XSS. This issue affects Lime Developer Login: from n/a through 1.4.0...

7.1 CVSS | 6.9 AI score | 0.0036 EPSS
Exploits: 0 | References: 1

CVE
added 2025/01/22 2:29 p.m. | 41 views

CVE-2025-23701

CVE-2025-23701 describes a Reflected XSS in Lime Developer Login (Lime Developer Login by LimeSquare Pty Ltd) caused by improper neutralization of input during web page generation. Affected: Lime Developer Login, version range v1.0 through v1.4.0 (as stated). The Red Hat CVE record confirms the s...

7.1 CVSS | 7.2 AI score | 0.0036 EPSS
Exploits: 0 | References: 1

Fedora
added 2025/01/22 1:52 a.m. | 9 views

[SECURITY] Fedora 40 Update: python-jinja2-3.1.5-1.fc40

Jinja2 is a template engine written in pure Python. It provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. If you have any exposure to other text-based template languages, such as Smarty or Django, you should feel right at home with...

8.8 CVSS | 6.8 AI score | 0.00298 EPSS
Exploits: 0

Positive Technologies
added 2025/01/22 12:0 a.m. | 3 views

PT-2025-5036 · Unknown · Lime Developer Login

Name of the Vulnerable Software and Affected Versions: Lime Developer Login versions 1.4.0 and earlier. Description: The issue is related to improper neutralization of input during web page generation, which allows for reflected Cross-site Scripting (XSS). This means that an attacker can inject...

7.1 CVSS | 9.1 AI score | 0.0036 EPSS
Exploits: 0 | References: 3

CNNVD
added 2025/01/22 12:0 a.m. | 3 views

WordPress plugin Lime Developer Login cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

7.1 CVSS | 7.4 AI score | 0.0036 EPSS
Exploits: 0 | References: 2

RedHat Linux
added 2025/01/20 12:54 p.m. | 6 views

Important: Red Hat Bug Fix Advisory: Red Hat Developer Hub 1.4.1 release.

Red Hat Developer Hub 1.4 has been released. Red Hat Developer Hub (RHDH) is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters (AKS, EKS, GKE). The core features of RHDH include a single pa...

8.8 CVSS | 6.6 AI score | 0.00856 EPSS
Exploits: 0 | References: 9

OSSF Malicious Packages
added 2025/01/20 7:37 a.m. | 4 views

Malicious code in opensea-developer-docs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 692ba66619407967d692be9c0e70b5b297806cf1e398766ee1556657af6feba1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits: 0 | References: 3

OSV
added 2025/01/20 7:37 a.m. | 2 views

MAL-2025-214 Malicious code in opensea-developer-docs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 692ba66619407967d692be9c0e70b5b297806cf1e398766ee1556657af6feba1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI score
Exploits: 0 | References: 3

Vulnrichment
added 2025/01/17 12:0 a.m. | 7 views

CVE-2024-52870

Teradata Vantage Editor 1.0.1 is mostly intended for SQL database access and docs.teradata.com access, but provides unintended functionality including Chromium Developer Tools that can result in a client user accessing arbitrary remote websites...

8 AI score | 0.00169 EPSS
Exploits: 0 | References: 2

Cvelist
added 2025/01/17 12:0 a.m. | 10 views

CVE-2024-52870

Teradata Vantage Editor 1.0.1 is mostly intended for SQL database access and docs.teradata.com access, but provides unintended functionality including Chromium Developer Tools that can result in a client user accessing arbitrary remote websites...

0.00169 EPSS
Exploits: 0 | References: 2