3 matches found
EUVD-2024-49601
Malicious code in bioql PyPI...
CVE-2024-8647 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in GitLab
An issue was discovered in GitLab affecting all versions starting from 15.2 to 17.4.6, 17.5 prior to 17.5.4, and 17.6 prior to 17.6.2. On self-hosted installs, it was possible to leak the anti-CSRF-token to an external site while the Harbor integration was enabled...
CVE-2024-8647
CVE-2024-8647 affects GitLab self-hosted installations, from versions 15.2 through 17.4.6, with 17.5 before 17.5.4 and 17.6 before 17.6.2. The issue enables leaking the anti-CSRF token to an external site when Harbor integration is enabled, indicating a cross-origin exposure vulnerability present...