9 matches found
EUVD-2024-49601
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-8647
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GitLab affecting all versions starting 15.2 to 17.4.6, 17.5 prior to 17.5.4, and 17.6 prior to 17.6.2. On self hosted installs, it wa...
CVE-2024-8647
An issue was discovered in GitLab affecting all versions starting 15.2 to 17.4.6, 17.5 prior to 17.5.4, and 17.6 prior to 17.6.2. On self hosted installs, it was possible to leak the anti-CSRF-token to an external site while the Harbor integration was enabled...
BIT-GITLAB-2024-8647 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in GitLab
An issue was discovered in GitLab affecting all versions starting 15.2 to 17.4.6, 17.5 prior to 17.5.4, and 17.6 prior to 17.6.2. On self hosted installs, it was possible to leak the anti-CSRF-token to an external site while the Harbor integration was enabled...
CVE-2024-8647
An issue was discovered in GitLab affecting all versions starting 15.2 to 17.4.6, 17.5 prior to 17.5.4, and 17.6 prior to 17.6.2. On self hosted installs, it was possible to leak the anti-CSRF-token to an external site while the Harbor integration was enabled...
UBUNTU-CVE-2024-8647
An issue was discovered in GitLab affecting all versions starting 15.2 to 17.4.6, 17.5 prior to 17.5.4, and 17.6 prior to 17.6.2. On self hosted installs, it was possible to leak the anti-CSRF-token to an external site while the Harbor integration was enabled...
CVE-2024-8647 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in GitLab
An issue was discovered in GitLab affecting all versions starting 15.2 to 17.4.6, 17.5 prior to 17.5.4, and 17.6 prior to 17.6.2. On self hosted installs, it was possible to leak the anti-CSRF-token to an external site while the Harbor integration was enabled...
CVE-2024-8647
CVE-2024-8647 affects GitLab self-hosted installations, from versions 15.2 through 17.4.6, with 17.5 before 17.5.4 and 17.6 before 17.6.2. The issue enables leaking the anti-CSRF token to an external site when Harbor integration is enabled, indicating a cross-origin exposure vulnerability present...
PT-2024-10152 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 15.2 through 17.4.6; GitLab versions 17.5 through 17.5.4; GitLab versions 17.6 through 17.6.2. Description: The issue is related to a problem in GitLab that allows for a Cross-Site Request Forgery (CSRF) attack. This can be exploit...