10 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-11274
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 17.4.6, starting from 17.5 prior to 17.5.4, and starting from 17.6...
BIT-GITLAB-2024-11274 URL Redirection to Untrusted Site ('Open Redirect') in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 17.4.6, starting from 17.5 prior to 17.5.4, and starting from 17.6 prior to 17.6.2, injection of NEL headers in k8s proxy response could lead to session data exfiltration...
CVE-2024-11274
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 17.4.6, starting from 17.5 prior to 17.5.4, and starting from 17.6 prior to 17.6.2, injection of NEL headers in k8s proxy response could lead to session data exfiltration...
CVE-2024-11274 URL Redirection to Untrusted Site ('Open Redirect') in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 17.4.6, starting from 17.5 prior to 17.5.4, and starting from 17.6 prior to 17.6.2, injection of NEL headers in k8s proxy response could lead to session data exfiltration...
CVE-2024-11274 URL Redirection to Untrusted Site ('Open Redirect') in GitLab
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.1 prior to 17.4.6, starting from 17.5 prior to 17.5.4, and starting from 17.6 prior to 17.6.2, injection of NEL headers in k8s proxy response could lead to session data exfiltration...
CVE-2024-11274
CVE-2024-11274 affects GitLab CE/EE: all versions from 16.1 up to 17.4.6, from 17.5 up to 17.5.4, and from 17.6 up to 17.6.2. The vulnerability is the injection of Network Error Logging (NEL) headers in Kubernetes proxy responses, which could lead to session data exfiltration. The available conne...
CVE-2024-11274
Removed by vendor...
PT-2024-9581 · Gitlab · Gitlab Ce/Ee
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 16.1 through 17.4.6 GitLab CE/EE versions 17.5 through 17.5.4 GitLab CE/EE versions 17.6 through 17.6.2 Description: An issue was discovered in GitLab CE/EE where the injection of Network Error Logging NEL headers in the...
PT-2024-22676 · Xibo · Xibo
Name of the Vulnerable Software and Affected Versions: Xibo versions prior to 3.3.10 Xibo versions prior to 4.0.9 Xibo version 1.8 Xibo version 2.3 Description: Xibo is an Open Source Digital Signage platform with a web content management system and Windows display player software. In affected...
CVE-2022-1726 Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in wenzhixin/bootstrap-table
Bootstrap Tables XSS vulnerability with Table Export plug-in when exportOptions: htmlContent is true in GitHub repository wenzhixin/bootstrap-table prior to 1.20.2. Disclosing session cookies, disclosing secure session data, exfiltrating data to third-parties...