Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-31643

Malicious code in bioql PyPI...

8.1CVSS6.3AI score0.00355EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-3035

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A permission check vulnerability in GitLab CE/EE affecting all versions starting from 8.12 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allow...

8.1CVSS5.5AI score0.00355EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 9:52 a.m.3 views

CVE-2024-3035

A permission check vulnerability in GitLab CE/EE affecting all versions starting from 8.12 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allowed for LFS tokens to read and write to the user owned repositories...

8.1CVSS6.3AI score0.00355EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2024/11/26 12:0 a.m.22 views

Gitlab -- vulnerabilities

Gitlab reports: Privilege Escalation via LFS Tokens DoS through uncontrolled resource consumption when viewing a maliciously crafted cargo.toml file Unintended Access to Usage Data via Scoped Tokens Gitlab DOS via Harbor registry integration Resource exhaustion and denial of service with testrepo...

8.8CVSS6.8AI score0.00684EPSS
Exploits0References1
OSV
OSV
added 2024/08/10 7:27 a.m.14 views

BIT-GITLAB-2024-3035 Authorization Bypass Through User-Controlled Key in GitLab

A permission check vulnerability in GitLab CE/EE affecting all versions starting from 8.12 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allowed for LFS tokens to read and write to the user owned repositories...

8.1CVSS6.8AI score0.00355EPSS
Exploits0References3
NVD
NVD
added 2024/08/08 11:15 a.m.25 views

CVE-2024-3035

A permission check vulnerability in GitLab CE/EE affecting all versions starting from 8.12 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allowed for LFS tokens to read and write to the user owned repositories...

8.1CVSS0.00355EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/08/08 11:15 a.m.17 views

CVE-2024-3035

A permission check vulnerability in GitLab CE/EE affecting all versions starting from 8.12 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allowed for LFS tokens to read and write to the user owned repositories...

8.1CVSS5.9AI score0.00355EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/08/08 10:31 a.m.30 views

CVE-2024-3035 Authorization Bypass Through User-Controlled Key in GitLab

A permission check vulnerability in GitLab CE/EE affecting all versions starting from 8.12 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allowed for LFS tokens to read and write to the user owned repositories...

6.8CVSS6.5AI score0.00355EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/08/08 10:31 a.m.36 views

CVE-2024-3035 Authorization Bypass Through User-Controlled Key in GitLab

A permission check vulnerability in GitLab CE/EE affecting all versions starting from 8.12 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allowed for LFS tokens to read and write to the user owned repositories...

6.8CVSS0.00355EPSS
Exploits0References2
CVE
CVE
added 2024/08/08 10:31 a.m.100 views

CVE-2024-3035

CVE-2024-3035 is a GitLab CE/EE permission-check vulnerability affecting all versions from 8.12 up to 17.0.6, 17.1 up to 17.1.4, and 17.2 up to 17.2.2, allowing LFS tokens to read and write to user-owned repositories. Root cause: permission check flaw in the LFS path. Impact: read/write access to...

8.1CVSS6.3AI score0.00355EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2024/08/08 10:31 a.m.18 views

CVE-2024-3035

Removed by vendor...

8.1CVSS5.8AI score0.00355EPSS
Exploits0
OSV
OSV
added 2024/08/08 10:31 a.m.14 views

CVE-2024-3035 Authorization Bypass Through User-Controlled Key in GitLab

A permission check vulnerability in GitLab CE/EE affecting all versions starting from 8.12 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allowed for LFS tokens to read and write to the user owned repositories...

6.8CVSS6.3AI score0.00355EPSS
Exploits0References5
CNNVD
CNNVD
added 2024/08/08 12:0 a.m.6 views

GitLab 安全漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD continuous integration and continuous delivery, and other features. A security vulnerability exists in GitLab that stems from the presence of a...

8.1CVSS6.7AI score0.00355EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/08/08 12:0 a.m.24 views

GitLab 8.12 < 17.0.6 / 17.1 < 17.1.4 / 17.2 < 17.2.2 (CVE-2024-3035)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A permission check vulnerability in GitLab CE/EE affecting all versions starting from 8.12 prior to 17.0.6, 17.1 prior to 17.1.4, and 17.2 prior to 17.2.2 allowed for LFS tokens to read and write to t...

8.1CVSS5.5AI score0.00355EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/08/07 12:0 a.m.3 views

PT-2024-5510 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 8.12 through 17.0.5 GitLab CE/EE versions 17.1 through 17.1.3 GitLab CE/EE versions 17.2 through 17.2.1 Description: The issue is related to an error in handling LFS tokens, which can be exploited by a remote attacker to...

8.1CVSS6.7AI score0.00355EPSS
Exploits0References15
Rows per page
Query Builder