3509 matches found
Code injection
Email addresses were leaked in WebHook logs in GitLab EE affecting all versions from 9.3 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1...
UBUNTU-CVE-2022-3293
Email addresses were leaked in WebHook logs in GitLab EE affecting all versions from 9.3 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1...
Denial Of Service (DoS)
istio is vulnerable to denial of service. The vulnerability is due to the Kubernetes validating or mutating webhook service being exposed to the public, allowing a malicious attacker to send a specially crafted oversized message resulting in a crash to the control plane...
GitLab 信息泄露漏洞
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery and other features. A security vulnerability exists in GitLab EE version 13.7 up to and including...
CVE-2022-3293
Email addresses were leaked in WebHook logs in GitLab EE affecting all versions from 9.3 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1...
CVE-2022-3293
GitLab EE vulnerability CVE-2022-3293: Email addresses were leaked in WebHook logs affecting all versions from 9.3 up to 15.2.5, 15.3 up to 15.3.4, and 15.4 up to 15.4.1. The connected sources confirm the affected product (GitLab EE) and the impact (exposure of email addresses via WebHook logs). ...
CVE-2022-3293
Email addresses were leaked in WebHook logs in GitLab EE affecting all versions from 9.3 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1...
PT-2022-21588 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab EE versions 9.3 through 15.2.4 GitLab EE versions 15.3 through 15.3.3 GitLab EE versions 15.4 through 15.4.0 Description: Email addresses were leaked in WebHook logs. The issue affects GitLab EE, with the leak occurring in the logs...
GitLab 日志信息泄露漏洞
GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery, and other features. A security vulnerability exists in GitLab CE/EE versions 9.3 through 15.2.5,...
CVE-2022-3293
Removed by vendor...
CVE-2022-3293
Email addresses were leaked in WebHook logs in GitLab EE affecting all versions from 9.3 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1...
CVE-2022-39302
Ree6 is a moderation bot. This vulnerability would allow other server owners to create configurations such as "Better-Audit-Logging" which contain a channel from another server as a target. This would mean you could send log messages to another Guild channel and bypass raid and webhook protection...
Design/Logic Flaw
Ree6 is a moderation bot. This vulnerability would allow other server owners to create configurations such as "Better-Audit-Logging" which contain a channel from another server as a target. This would mean you could send log messages to another Guild channel and bypass raid and webhook protection...
CVE-2022-39302 Ree6 may bypass webhook protection
Ree6 is a moderation bot. This vulnerability would allow other server owners to create configurations such as "Better-Audit-Logging" which contain a channel from another server as a target. This would mean you could send log messages to another Guild channel and bypass raid and webhook protection...
CVE-2022-39302 Ree6 may bypass webhook protection
Ree6 is a moderation bot. This vulnerability would allow other server owners to create configurations such as "Better-Audit-Logging" which contain a channel from another server as a target. This would mean you could send log messages to another Guild channel and bypass raid and webhook protection...
CVE-2022-39302
CVE-2022-39302 affects Ree6, a Discord moderation bot. Multiple sources describe a cross-server channel targeting flaw where a specially crafted log message can cause a configuration like “Better-Audit-Logging” to reference a channel in another server, enabling sending log messages to that channe...
CVE-2022-39302 Ree6 may bypass webhook protection
Ree6 is a moderation bot. This vulnerability would allow other server owners to create configurations such as "Better-Audit-Logging" which contain a channel from another server as a target. This would mean you could send log messages to another Guild channel and bypass raid and webhook protection...
Istio 资源管理错误漏洞
Istio is a set of open platforms for connecting, managing, and securing microservices. Istio suffers from a resource management error vulnerability that stems from susceptibility to request handling errors, which can be exploited by an attacker to send specially crafted or oversized messages that...
CVE-2022-39292 Exposure of sensitive Slack webhook URLs in debug logs and traces
Slack Morphism is a modern client library for Slack Web/Events API/Socket Mode and Block Kit. Debug logs expose sensitive URLs for Slack webhooks that contain private information. The problem is fixed in version 1.3.2 which redacts sensitive URLs for webhooks. As a workaround, people who use Slac...
GitLab 9.3 < 15.2.5 / 15.3 < 15.3.4 / 15.4 < 15.4.1 (CVE-2022-3018)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An information disclosure vulnerability in GitLab CE/EE affecting all versions starting from 9.3 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before...