Lucene search
K
GitlabRecent

1518 matches found

GitLab Advisory Database
GitLab Advisory Database
•added 2021/11/11 12:0 a.m.•22 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

An unauthenticated Apache Traffic Control Traffic Ops user can send a request with a specially-crafted username to the POST /login endpoint of any API version to inject unsanitized content into the LDAP filter...

9.8CVSS3.7AI score0.04431EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/11/01 12:0 a.m.•33 views

Files or Directories Accessible to External Parties

A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem...

8.8CVSS1.8AI score0.06873EPSS
Exploits1References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/10/13 12:0 a.m.•30 views

Improper Input Validation

An authenticated Apache Traffic Control Traffic Ops user with Portal-level privileges can send a request with a specially-crafted email subject to the /deliveryservices/request Traffic Ops endpoint to send an email, from the Traffic Ops server, with an arbitrary body to an arbitrary email address...

4.3CVSS3.6AI score0.02734EPSS
Exploits0References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/10/12 12:0 a.m.•175 views

Use of a Broken or Risky Cryptographic Algorithm

A weak robustness vulnerability exists in the AWS Encryption SDKs for Java, Python, C and Javalcript prior to versions 2.0.0. Due to the non-committing property of AES-GCM and other AEAD ciphers such as AES-GCM-SIV or XChaCha20Poly1305 used by the SDKs to encrypt messages, an attacker can craft a...

8.1CVSS2.8AI score0.00394EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/10/12 12:0 a.m.•46 views

Improper Input Validation

An authenticated Apache Traffic Control Traffic Ops user with Portal-level privileges can send a request with a specially-crafted email subject to the /deliveryservices/request Traffic Ops endpoint to send an email, from the Traffic Ops server, with an arbitrary body to an arbitrary email address...

4.3CVSS3AI score0.02734EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/10/05 12:0 a.m.•93 views

Cobbler before 3.3.0 allows authorization bypass for modification of settings.

Cobbler before 3.3.0 allows authorization bypass for modification of settings...

7.5CVSS8.5AI score0.01307EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/10/05 12:0 a.m.•44 views

Cobbler before 3.3.0 allows log poisoning

Cobbler before 3.3.0 allows log poisoning, and resultant Remote Code Execution, via an XMLRPC method that logs to the logfile for template injection...

9.8CVSS9.7AI score0.88482EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/10/05 12:0 a.m.•36 views

Cobbler before 3.3.0 allows arbitrary file write operations via upload_log_data.

Cobbler before 3.3.0 allows arbitrary file write operations via uploadlogdata...

7.5CVSS8.5AI score0.68635EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/09/27 12:0 a.m.•55 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Gitea 1.12.x and 1.13.x before 1.13.4 allows XSS via certain issue data in some situations...

5.4CVSS3.3AI score0.08762EPSS
Exploits2References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/09/21 12:0 a.m.•31 views

Externally Controlled Reference to a Resource in Another Sphere

A security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect kube-apiserver requests to private networks of the apiserver. If that user can view kube-apiserver logs when the lo...

4.1CVSS1.9AI score0.021EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/09/21 12:0 a.m.•20 views

Externally Controlled Reference to a Resource in Another Sphere

A security issue was discovered with Kubernetes that could enable users to send network traffic to locations they would otherwise not have access to via a confused deputy attack...

3.5CVSS3.4AI score0.01952EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/09/21 12:0 a.m.•13 views

Improper Control of Generation of Code ('Code Injection') in @asyncapi/modelina

Impact Anyone who is using the default presets and/or does not handle the functionality themself. Patches It has not been patched yet. Workarounds Fully custom presets that change the entire rendering process which can then escape the user input. For more information Even though that I changed al...

0.8AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/09/15 12:0 a.m.•36 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross Site Scripting XSS vulnerability exists in the admin panel in Beego v2.0.1 via the URI path in an HTTP request, which is activated by administrators viewing the "Request Statistics" page...

6.1CVSS2.2AI score0.00795EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/09/14 12:0 a.m.•42 views

Cross-site Scripting

Cross Site Scripting XSS vulnerability exists in the admin panel in Beego via the URI path in an HTTP request, which is activated by administrators viewing the Request Statistics page...

6.1CVSS2AI score0.00795EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/09/08 12:0 a.m.•61 views

Flask-AppBuilder Open Redirect vulnerability

If using Flask-AppBuilder OAuth, an attacker can share a carefully crafted URL with a trusted domain for an application built with Flask-AppBuilder, this URL can redirect a user to a malicious site. This is an open redirect vulnerability...

7.2CVSS6.1AI score0.007EPSS
Exploits0References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/09/07 12:0 a.m.•27 views

URL Redirection to Untrusted Site ('Open Redirect')

A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs...

4.9CVSS1.2AI score0.01332EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/09/06 12:0 a.m.•36 views

Use of a Broken or Risky Cryptographic Algorithm

The ElGamal implementation in Botan, as used in Thunderbird and other products, allows plaintext recovery because, during interaction between two cryptographic libraries, a certain dangerous combination of the prime defined by the receiver's public key, the generator defined by the receiver's...

5.9CVSS2.3AI score0.01532EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/09/06 12:0 a.m.•23 views

URL Redirection to Untrusted Site (Open Redirect)

A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs...

4.9CVSS1.2AI score0.01332EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/09/06 12:0 a.m.•30 views

Incorrect Authorization

A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook.Validating Admission Webhook does not observe some previous fields...

6.5CVSS3.9AI score0.05524EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/09/01 12:0 a.m.•30 views

Weak Password Recovery Mechanism for Forgotten Password

Akaunting version 2.1.12 and earlier suffers from a password reset spoofing vulnerability, wherein an attacker can proxy password reset requests through a running Akaunting instance, if that attacker knows the target's e-mail address. This issue was fixed in version 2.1.13 of the product. Please...

8.1CVSS2.8AI score0.00957EPSS
Exploits1References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/09/01 12:0 a.m.•45 views

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Improper configuration will cause ServiceComb ServiceCenter Directory Traversal problem in ServcieCenter 1.x.x versions and fixed in 2.0.0...

7.5CVSS4.9AI score0.04441EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/30 12:0 a.m.•83 views

Improper Handling of Case Sensitivity

Istio is an open source platform for providing a uniform way to integrate microservices, manage traffic flow across microservices, enforce policies and aggregate telemetry data. According to RFC 4343, Istio authorization policy should compare the hostname in the HTTP Host header in a case...

8.3CVSS0.5AI score0.01176EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/30 12:0 a.m.•57 views

Incorrect Authorization

Istio is an open source platform for providing a uniform way to integrate microservices, manage traffic flow across microservices, enforce policies and aggregate telemetry data. Istio 1.11.0, 1.10.3 and below, and 1.9.7 and below contain a remotely exploitable vulnerability where an HTTP request...

8.1CVSS1AI score0.0109EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/30 12:0 a.m.•93 views

Improper Handling of Case Sensitivity

Istio is an open source platform for providing a uniform way to integrate microservices, manage traffic flow across microservices, enforce policies and aggregate telemetry data. According to RFC 4343, Istio authorization policy should compare the hostname in the HTTP Host header in a case...

8.3CVSS0.5AI score0.01176EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/25 12:0 a.m.•8 views

Use-after-free in actix-codec

An issue was discovered in the actix-codec crate before 0.3.0-beta.1 for Rust. There is a use-after-free in Framed...

9.8CVSS7.2AI score0.01629EPSS
Exploits1References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/25 12:0 a.m.•8 views

Use-after-free in actix-http

An issue was discovered in the actix-http crate before 2.0.0-alpha.1 for Rust. There is a use-after-free in BodyStream...

7.5CVSS7.1AI score0.01406EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/25 12:0 a.m.•11 views

HTTP Request Smuggling in actix-http

Affected versions of this crate did not properly detect invalid requests that could allow HTTP/1 request smuggling HRS attacks when running alongside a vulnerable front-end proxy server. This can result in leaked internal and/or user data, including credentials, when the front-end proxy is also...

7.5CVSS6.9AI score0.0181EPSS
Exploits1References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/25 12:0 a.m.•4 views

Multiple memory safety issues in actix-web

Affected versions contain multiple memory safety issues, such as: - Unsoundly coercing immutable references to mutable references - Unsoundly extending lifetimes of strings - Adding the Send marker trait to objects that cannot be safely sent between threads This may result in a variety of memory...

5.8AI score
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/25 12:0 a.m.•11 views

Use after free in actix-service

An issue was discovered in the actix-service crate before 1.0.6 for Rust. The Cell implementation allows obtaining more than one mutable reference to the same data...

5.5CVSS6.1AI score0.00374EPSS
Exploits1References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/25 12:0 a.m.•6 views

Use after free in actix-utils

An issue was discovered in the actix-utils crate before 2.0.0 for Rust. The Cell implementation allows obtaining more than one mutable reference to the same data...

9.1CVSS7.2AI score0.0141EPSS
Exploits1References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/25 12:0 a.m.•11 views

Use of Uninitialized Resource in alg_ds

An issue was discovered in the algds crate through 2020-08-25 for Rust. Matrix::new internally calls Matrix::fillwith which uses ptr = value pattern to initialize the buffer. This pattern assumes that there is an initialized struct at the address and drops it, which results in dropping of...

9.8CVSS7.2AI score0.0123EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/25 12:0 a.m.•7 views

Double free in algorithmica

An issue was discovered in the algorithmica crate through 2021-03-07 for Rust. In the affected versions of this crate, mergesort::merge wildly duplicates and drops ownership of T without guarding against double-free. Due to such implementation, simply invoking mergesort::merge on Vec can cause...

7.5CVSS7AI score0.00961EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/25 12:0 a.m.•10 views

Free of uninitialized memory in adtensor

An issue was discovered in the adtensor crate through 0.0.3 for Rust. There is a drop of uninitialized memory via the FromIterator implementation for Vector and Matrix...

9.8CVSS7.2AI score0.01326EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/25 12:0 a.m.•4 views

Update unsound DrainFilter and RString::retain

An issue was discovered in the abistable crate before 0.9.1 for Rust. DrainFilter lacks soundness because of a double drop...

7.5CVSS7.1AI score0.01413EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/25 12:0 a.m.•5 views

Update unsound DrainFilter and RString::retain

An issue was discovered in the abistable crate before 0.9.1 for Rust. A retain call can create an invalid UTF-8 string, violating soundness...

7.5CVSS7.1AI score0.01358EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/25 12:0 a.m.•8 views

Data race in abox

Affected versions of this crate implements Send/Sync for AtomicBox without requiring T: Send/T: Sync. This allows to create data races to T: !Sync and send T: !Send to another thread. Such behavior breaks the compile-time thread safety guarantees of Rust, and allows users to incur undefined...

8.1CVSS7.1AI score0.00766EPSS
Exploits0References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/25 12:0 a.m.•53 views

Improper Control of Generation of Code ('Code Injection')

@asyncapi/java-spring-cloud-stream-template generates a Spring Cloud Stream SCSt microservice. arbitrary code injection was possible when an attacker controls the AsyncAPI document. An example is provided in GHSA-xj6r-2jpm-qvxp. There are no mitigations available and all users are advised to upda...

8.7CVSS4.5AI score0.00877EPSS
Exploits1References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/23 12:0 a.m.•17 views

Potential privilege escalation on Kubernetes >= v1.19 when the Argo Sever is run with `--auth-mode=client`

Impact This is pro-active fix. No know exploits exist. Impacted: You're running Kubernetes = v1.19 You're running Argo Server It is configured to with --auth-mode=client Is not configured with --auth-mode=server You are not running Argo Server in Kubernetes pod. E.g. on bare metal or other VM...

1.6AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/23 12:0 a.m.•13 views

Argo Server TLS requests could be forged by attacker with network access

Impact We are not aware of any exploits. This is a pro-active fix. Impacted: You are running Argo Server = v3.0 with --secure unspecified note - running in secure mode is recommended regardless. The attacker is within your network. If you expose Argo Server to the Internet then "your network" is...

0.8AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/16 12:0 a.m.•42 views

Path Traversal

bblfshd is an open source self-hosted server for source code parsing. In bblfshd there is a zipslip vulnerability. The unsafe handling of symbolic links in an unpacking routine may enable attackers to read and/or write to arbitrary locations outside the designated target folder. This issue may le...

9.1CVSS1.8AI score0.00918EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/13 12:0 a.m.•42 views

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Bouncy Castle BC Java before 1.66, BC C .NET before 1.8.7, BC-FJA before 1.0.1.2, 1.0.2.1, and BC-FNA before 1.0.1.1 have a timing issue within the EC math library that can expose information about the private key when an attacker is able to observe timing information for the generation of multip...

5.9CVSS6.7AI score0.01522EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/09 12:0 a.m.•61 views

Open Redirect in Flask-User

This affects all versions of package Flask-User. When using the makesafeurl function, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple backslashes such as /////evil.com/path or \\evil.com/path. This vulnerability is only exploitable if an...

6.1CVSS6AI score0.01113EPSS
Exploits1References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/09 12:0 a.m.•50 views

Improper Input Validation

In Argo Workflows through 3.1.3, if EXPRESSIONTEMPLATES is enabled and untrusted users are allowed to specify input parameters when running workflows, an attacker may be able to disrupt a workflow because expression template output is evaluated...

6.5CVSS4.9AI score0.00963EPSS
Exploits1References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/09 12:0 a.m.•39 views

Improper Restriction of XML External Entity Reference

The package glances are vulnerable to XML External Entity XXE Injection via the use of Fault to parse untrusted XML data, which is known to be vulnerable to XML attacks...

9.8CVSS5.9AI score0.01639EPSS
Exploits1References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/05 12:0 a.m.•64 views

Remote Code Execution via unsafe classes in otherwise permitted modules

The module AccessControl defines security policies for Python code used in restricted code within Zope applications. Restricted code is any code that resides in Zope's object database, such as the contents of Script Python objects. The policies defined in AccessControl severely restrict access to...

7.2CVSS7.5AI score0.02032EPSS
Exploits0References13Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/02 12:0 a.m.•22 views

Incorrect Permission Assignment for Critical Resource

The File Session Manager in Beego 1.10.0 allows local users to read session files because there is a race condition involving file creation within a directory with weak permissions...

4.7CVSS3AI score0.00199EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/02 12:0 a.m.•46 views

Incorrect Permission Assignment for Critical Resource

The File Session Manager in Beego 1.10.0 allows local users to read session files because there is a race condition involving file creation within a directory with weak permissions...

4.7CVSS3AI score0.00199EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/02 12:0 a.m.•19 views

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in github.com/argoproj/argo-workflows...

3.8AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/02 12:0 a.m.•49 views

Improperly Controlled Modification of Dynamically-Determined Object Attributes

Zope is an open-source web application server. Zope versions have a remote code execution security issue...

7.5CVSS6.2AI score0.02277EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/08/02 12:0 a.m.•47 views

Incorrect Access Control in Nacos

Nacos 1.1.4 is affected by: Incorrect Access Control. An environment can be set up locally to get the service details interface. Then other Nacos service names can be accessed through the service list interface. Service details can then be accessed when not logged in...

5.3CVSS1.6AI score0.0142EPSS
Exploits1References5Affected Software1
Total number of security vulnerabilities1518