Lucene search
K

123 matches found

Chainguard
Chainguard
added 2024/03/05 11:15 p.m.77 views

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: prometheus-node-exporter, crossplane-provider-aws-eks, spire-server-fips, kube-fluentd-operator, kubernetes-csi-driver-hostpath, cri-tools, boring-registry-fips, kine, kube-rbac-proxy-fips, volume-modifier-for-k8s, kubernetes-csi-livenessprobe, terraform-provider-aws...

7.5CVSS6.7AI score0.01262EPSS
Exploits0
Wolfi
Wolfi
added 2023/10/25 9:17 p.m.177 views

GHSA-M425-MQ94-257G vulnerabilities

Vulnerabilities for packages: cortex, aactl, terraform-provider-sendgrid, kubescape, scorecard, buildkitd, kubeflow, k3d, prometheus-blackbox-exporter, src, dgraph, kubevela, spark-operator, up, falco, slsa-verifier...

5.9AI score
Exploits0
Chainguard
Chainguard
added 2023/10/25 9:17 p.m.83 views

GHSA-M425-MQ94-257G vulnerabilities

Vulnerabilities for packages: kubernetes-csi-livenessprobe-fips, kubescape, kubeflow-fips, conftest-fips, bank-vaults-fips, scorecard, falco, metrics-server-fips, cortex, timestamp-authority-fips, aactl, terraform-provider-sendgrid, prometheus-blackbox-exporter, dgraph, up, kubeflow,...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2023/10/10 9:28 p.m.43 views

GHSA-QPPJ-FM5R-HXR3 vulnerabilities

Vulnerabilities for packages: terraform-provider-sendgrid, aactl, gobuster, certificate-transparency, ip-masq-agent, pulumi-language-dotnet, kaf, bom, cue, spark-operator, fuse-overlayfs-snapshotter, flux-source-controller, terraform-provider-aws, frp, kubeflow-katib, prometheus-blackbox-exporter...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2023/10/09 5:56 p.m.32 views

CVE-2023-4008

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.9 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was possible to takeover GitLab Pages with unique domain URLs if the random string added was known...

9.8CVSS6.6AI score0.00605EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2023/08/03 7:15 a.m.33 views

CVE-2023-4008

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.9 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was possible to takeover GitLab Pages with unique domain URLs if the random string added was known...

9.8CVSS7.1AI score0.00605EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/08/03 6:31 a.m.18 views

CVE-2023-4008 Incorrect Ownership Assignment in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.9 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was possible to takeover GitLab Pages with unique domain URLs if the random string added was known...

5.3CVSS7.2AI score0.00605EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/08/03 12:0 a.m.4 views

PT-2023-27254 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 15.9 through 16.0.7 GitLab CE/EE versions 16.1 through 16.1.2 GitLab CE/EE versions 16.2 through 16.2.1 Description: An issue has been discovered in GitLab CE/EE, where it was possible to takeover GitLab Pages with uniqu...

9.8CVSS6.6AI score0.00605EPSS
Exploits0References10
OSV
OSV
added 2023/01/12 4:15 a.m.2 views

UBUNTU-CVE-2023-0042

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 prior to 15.5.7, 15.6 prior to 15.6.4, and 15.7 prior to 15.7.2. GitLab Pages allows redirection to arbitrary protocols...

6.1CVSS6.5AI score0.00403EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2023/01/12 12:0 a.m.8 views

CVE-2023-0042

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.4 prior to 15.5.7, 15.6 prior to 15.6.4, and 15.7 prior to 15.7.2. GitLab Pages allows redirection to arbitrary protocols...

6.1CVSS6.9AI score0.00403EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/09/13 12:0 a.m.23 views

SUSE SLES15: ruby2.5-rubygem-kramdown / ruby2.5-rubygem-kramdown-doc / etc (SUSE-SU-2022:3259-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:3259-1 advisory. - CVE-2020-14001: Fixed processing template options inside documents allowing unintended read access or embedded Ruby code execution...

9.8CVSS7.8AI score0.0456EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/04/18 12:0 a.m.34 views

GitLab 11.5 < 14.7.7 / 14.8 < 14.8.5 / 14.9 < 14.9.2 (CVE-2022-1148)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Improper authorization in GitLab Pages included with GitLab CE/EE affecting all versions from 11.5 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allowed an attacker to steal a user's...

6.5CVSS6.5AI score0.01129EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/04/04 8:15 p.m.4 views

CVE-2022-1121

A lack of appropriate timeouts in GitLab Pages included in GitLab CE/EE all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allows an attacker to cause unlimited resource consumption...

5.3CVSS5.9AI score0.0104EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/04/04 8:15 p.m.6 views

CVE-2022-1148

Improper authorization in GitLab Pages included with GitLab CE/EE affecting all versions from 11.5 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allowed an attacker to steal a user's access token on an attacker-controlled private GitLab Pages website and reuse that token on the...

6.5CVSS6.6AI score0.01129EPSS
Exploits0References4Affected Software1
UbuntuCve
UbuntuCve
added 2022/04/04 8:15 p.m.40 views

CVE-2022-1148

Improper authorization in GitLab Pages included with GitLab CE/EE affecting all versions from 11.5 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allowed an attacker to steal a user's access token on an attacker-controlled private GitLab Pages website and reuse that token on the...

6.5CVSS6.6AI score0.01129EPSS
Exploits0References4
Prion
Prion
added 2022/04/04 8:15 p.m.20 views

Authorization

Improper authorization in GitLab Pages included with GitLab CE/EE affecting all versions from 11.5 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allowed an attacker to steal a user's access token on an attacker-controlled private GitLab Pages website and reuse that token on the...

4.3CVSS6.3AI score0.01129EPSS
Exploits0References3Affected Software1
UbuntuCve
UbuntuCve
added 2022/04/04 8:15 p.m.39 views

CVE-2022-1121

A lack of appropriate timeouts in GitLab Pages included in GitLab CE/EE all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allows an attacker to cause unlimited resource consumption...

5.3CVSS6.1AI score0.0104EPSS
Exploits0References3
OSV
OSV
added 2022/04/04 8:15 p.m.1 views

UBUNTU-CVE-2022-1148

Improper authorization in GitLab Pages included with GitLab CE/EE affecting all versions from 11.5 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allowed an attacker to steal a user's access token on an attacker-controlled private GitLab Pages website and reuse that token on the...

6.5CVSS5.8AI score0.01129EPSS
Exploits0References5
OSV
OSV
added 2022/04/04 8:15 p.m.1 views

UBUNTU-CVE-2022-1121

A lack of appropriate timeouts in GitLab Pages included in GitLab CE/EE all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allows an attacker to cause unlimited resource consumption...

5.3CVSS5.8AI score0.0104EPSS
Exploits0References4
Cvelist
Cvelist
added 2022/04/04 7:46 p.m.28 views

CVE-2022-1121

A lack of appropriate timeouts in GitLab Pages included in GitLab CE/EE all versions prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allows an attacker to cause unlimited resource consumption...

5.3CVSS5.6AI score0.0104EPSS
Exploits0References2
Rows per page
Query Builder