Lucene search
K
GitlabRecent

1518 matches found

GitLab Advisory Database
GitLab Advisory Database
•added 2021/07/26 12:0 a.m.•37 views

Improper Restriction of Excessive Authentication Attempts

As of v1.5.0, the Argo API does not implement anti-automation measures such as rate limiting, account lockouts, or other anti-bruteforce measures. Attackers can submit an unlimited number of authentication attempts without consequence...

7.5CVSS4AI score0.02157EPSS
Exploits1References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/07/26 12:0 a.m.•62 views

Insecure Default Initialization of Resource

As of v1.5.0, the default admin password is set to the argocd-server pod name. For insiders with access to the cluster or logs, this issue could be abused for privilege escalation, as Argo has privileged roles. A malicious insider is the most realistic threat, but pod names are not meant to be ke...

8.8CVSS4AI score0.018EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/07/23 12:0 a.m.•28 views

Out-of-bounds Write

Passing an attacker controlled size when creating an IOBuf could cause integer overflow, leading to an out-of-bounds write on the heap with the possibility of remote code execution...

9.8CVSS3.9AI score0.03284EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/07/06 12:0 a.m.•32 views

Uncontrolled Resource Consumption

Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. An uncontrolled resource consumption vulnerability exists Within the URI template implementation in Addressable, a maliciously crafted template may result in uncontrolled resource...

7.5CVSS2.3AI score0.02199EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/29 12:0 a.m.•35 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Cross-site scripting XSS vulnerability in models/issue.go in Gogs aka Go Git Service 0.3.1-9 through 0.5.x before 0.5.8 allows remote attackers to inject arbitrary web script or HTML via the text parameter to api/v1/markdown...

4.3CVSS5.5AI score0.01909EPSS
Exploits3References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/29 12:0 a.m.•44 views

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

SQL injection vulnerability in the GetIssues function in models/issue.go in Gogs aka Go Git Service 0.3.1-9 through 0.5.6.x before 0.5.6.1025 Beta allows remote attackers to execute arbitrary SQL commands via the label parameter to user/repos/issues...

7.5CVSS8.3AI score0.04437EPSS
Exploits5References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/29 12:0 a.m.•49 views

URL Redirection to Untrusted Site ('Open Redirect')

Open redirect vulnerability in Gogs before 0.12 allows remote attackers to redirect users to arbitrary websites and conduct phishing attacks via an initial /\ substring in the user/login redirectto parameter, related to the function isValidRedirect in routes/user/auth.go...

6.1CVSS5.6AI score0.01316EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/29 12:0 a.m.•31 views

URL Redirection to Untrusted Site (Open Redirect)

PowerMux is a drop-in replacement for Go's http.ServeMux. In PowerMux, attackers may be able to craft phishing links and other open redirects by exploiting the trailing slash redirection feature. This may lead to users being redirected to untrusted sites after following an attacker crafted link...

6.1CVSS3.6AI score0.00606EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/29 12:0 a.m.•56 views

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Multiple SQL injection vulnerabilities in Gogs aka Go Git Service 0.3.1-9 through 0.5.x before 0.5.6.1105 Beta allow remote attackers to execute arbitrary SQL commands via the q parameter to 1 api/v1/repos/search, which is not properly handled in models/repo.go, or 2 api/v1/users/search, which is...

7.5CVSS8.3AI score0.33391EPSS
Exploits5References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/25 12:0 a.m.•58 views

Cross-site Scripting

nextjs-auth0 lacks HTML escaping for error messages...

8CVSS0.8AI score0.01403EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/23 12:0 a.m.•23 views

Exposure of Sensitive Information to an Unauthorized Actor

Helm is a tool for managing Charts packages of pre-configured Kubernetes resources. In versions of helm prior to 3.6.1, a vulnerability exists where the username and password credentials associated with a Helm repository could be passed on to another domain referenced by that Helm repository. Thi...

8.6CVSS1.8AI score0.01395EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/23 12:0 a.m.•61 views

Inadequate Encryption Strength

go-jose before 1.0.4 suffers from an invalid curve attack for the ECDH-ES algorithm. When deriving a shared key using ECDH-ES for an encrypted message, go-jose neglected to check that the received public key on a message is on the same curve as the static private key of the receiver, thus making ...

9.1CVSS3.6AI score0.01411EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/23 12:0 a.m.•17 views

Repository credentials passed to alternate domain

While working on the Helm source, a Helm core maintainer discovered a situation where the username and password credentials associated with a Helm repository could be passed on to another domain referenced by that Helm repository. Impact The index.yaml within a Helm chart repository contains a...

7.3AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/23 12:0 a.m.•28 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Helm is open-source software which is essentially "The Kubernetes Package Manager". Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. In Helm from version 3.0 and before version 3.5.2, there a few cases where data loaded from potentially untrusted...

6.8CVSS0.2AI score0.0103EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/23 12:0 a.m.•31 views

Improper Certificate Validation

Go before 1.12.16 and 1.13.x before 1.13.7 and the crypto/cryptobyte package before 0.0.0-20200124225646-8b5121be2f68 for Go allows attacks on clients resulting in a panic via a malformed X.509 certificate...

7.8CVSS4.7AI score0.02582EPSS
Exploits0References16Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/23 12:0 a.m.•34 views

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

In Helm greater than or equal to 3.0.0 and less than 3.2.4, a path traversal attack is possible when installing Helm plugins from a tar archive over HTTP. It is possible for a malicious plugin author to inject a relative path into a plugin archive, and copy a file outside of the intended director...

8.5CVSS2AI score0.01458EPSS
Exploits0References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/22 12:0 a.m.•16 views

Missing Authentication for Critical Function

The vulnerability allows an attacker to substitute or modify packages retrieved from BC thus allowing to inject malicious code into ballerina executables...

9.1CVSS4AI score0.00579EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/21 12:0 a.m.•53 views

Exposure of Resource to Wrong Sphere

The Jetpack Carousel module of the JetPack WordPress plugin allows users to create a carousel type image gallery and allows users to comment on the images. A security vulnerability was found within the Jetpack Carousel module by nguyenhgvcs that allowed the comments of non-published page/posts to...

5.3CVSS3.5AI score0.01494EPSS
Exploits2References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/16 12:0 a.m.•46 views

Uncontrolled Resource Consumption

JPA Server in HAPI FHIR before 5.4.0 allows a user to deny service e.g., disable access to the database after the attack stops via history requests. This occurs because of a SELECT COUNT statement that requires a full index scan, with an accompanying large amount of server resources if there are...

5.3CVSS4.3AI score0.01587EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/16 12:0 a.m.•61 views

Improper Authentication

Apollos Apps is an open source platform for launching church-related apps. In Apollos Apps, new user registrations are able to access anyone's account by only knowing their basic profile information name, birthday, gender, etc. This includes all app functionality within the app, as well as any...

9.8CVSS1.4AI score0.01458EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/15 12:0 a.m.•56 views

go.mongodb.org/mongo-driver improperly validates cstrings when marshalling Go objects into BSON

Specific cstrings input may not be properly validated in the MongoDB Go Driver when marshalling Go objects into BSON. A malicious user could use a Go object with specific string to potentially inject additional fields into marshalled documents. This issue affects all MongoDB GO Drivers up to and...

6.8CVSS6.4AI score0.00961EPSS
Exploits0References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/15 12:0 a.m.•37 views

Open redirect in Flask-Unchained

This affects the package Flask-Unchained before 0.9.0. When using the the validateredirecturl function, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as \\evil.com/path. This vulnerability is only exploitable if an...

5.8CVSS5.7AI score0.00716EPSS
Exploits0References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/10 12:0 a.m.•38 views

Improper Input Validation

Specific cstrings input may not be properly validated in the MongoDB Go Driver when marshalling Go objects into BSON. A malicious user could use a Go object with specific string to potentially inject additional fields into marshalled documents...

6.8CVSS4.2AI score0.00961EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/08 12:0 a.m.•36 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The media2click aka 2 Clicks for External Media extension 1.x before 1.3.3 for TYPO3 allows XSS by a backend user account...

5.4CVSS3.7AI score0.00534EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/07 12:0 a.m.•50 views

Deserialization of Untrusted Data

QOS.ch Logback before 1.2.0 has a serialization vulnerability affecting the SocketServer and ServerSocketReceiver components...

9.8CVSS5AI score0.07501EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/04 12:0 a.m.•48 views

Improper Verification of Cryptographic Signature

bubble fireworks is an open source java package relating to Spring Framework. In bubble fireworks BUILD-SNAPSHOT there is a vulnerability in which the package did not properly verify the signature of JSON Web Tokens. This allows to forgery of valid JWTs...

7.5CVSS2.9AI score0.00595EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/01 12:0 a.m.•19 views

Improper Verification of Cryptographic Signature in aws-encryption-sdk-javascript

This ESDK supports a streaming mode where callers may stream the plaintext of signed messages before the ECDSA signature is validated. In addition to these signatures, the ESDK uses AES-GCM encryption and all plaintext is verified before being released to a caller. There is no impact on the...

1.8AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/01 12:0 a.m.•14 views

Improper Verification of Cryptographic Signature in aws-encryption-sdk-java

This advisory addresses several LOW severity issues with streaming signed messages and restricting processing of certain types of invalid messages...

2.4AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/06/01 12:0 a.m.•16 views

Improper Verification of Cryptographic Signature in aws-encryption-sdk-javascript

This advisory addresses several LOW severity issues with streaming signed messages and restricting processing of certain types of invalid messages. This ESDK supports a streaming mode where callers may stream the plaintext of signed messages before the ECDSA signature is validated...

3AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/27 12:0 a.m.•13 views

Listing of upload directory contents possible

There's an security issue in prosody-filer versions 1.0.1 which leads to unwanted directory listings of download directories. An attacker is able to list previous uploads of a certain user by shortening the URL and accessing a URL subdirectors other than /upload/ or the corresponding user defined...

3.6AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/27 12:0 a.m.•39 views

Observable Response Discrepancy in Flask-AppBuilder

User enumeration in database authentication in Flask-AppBuilder = 3.2.3. Allows for a non authenticated user to enumerate existing accounts by timing the response time from the server when you are logging in...

5.3CVSS5.1AI score0.03404EPSS
Exploits0References13Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/27 12:0 a.m.•52 views

Exposure of Sensitive Information to an Unauthorized Actor

Their is an information disclosure vulnerability in Helm from version 3.1.0 and before version 3.2.0. lookup is a Helm template function introduced in Helm v3. It is able to lookup resources in the cluster to check for the existence of specific resources and get details about them. This can be us...

8.5CVSS0.4AI score0.0126EPSS
Exploits1References6Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/27 12:0 a.m.•28 views

Possible Information Disclosure / Unintended Method Execution

There is a possible information disclosure / unintended method execution vulnerability in Action Pack when using the redirectto or polymorphicurl helper with untrusted user input...

7.5CVSS1.8AI score0.04195EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/26 12:0 a.m.•29 views

Information Exposure

An issue was discovered in in HyperKitty When importing a private mailing list's archives, these archives are publicly visible for the duration of the import...

7.5CVSS1.7AI score0.01846EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/25 12:0 a.m.•32 views

Uncontrolled Search Path Element

git-bug before 0.7.2 has an Uncontrolled Search Path Element. It will execute git.bat from the current directory in certain PATH situations most often seen on Windows...

9.8CVSS2.7AI score0.01719EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/25 12:0 a.m.•56 views

Uncontrolled Search Path Element

git-bug before 0.7.2 has an Uncontrolled Search Path Element. It will execute git.bat from the current directory in certain PATH situations most often seen on Windows...

9.8CVSS2.7AI score0.01719EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/24 12:0 a.m.•40 views

NULL Pointer Dereference

In teler before version 0.0.1, if you run teler inside a Docker container and encounter errors.Exit function, it will cause denial-of-service SIGSEGV because it doesn't get process ID and process group ID of teler properly to kills. The issue is patched in teler 0.0.1 and 0.0.1-dev5.1...

7.5CVSS3.6AI score0.01412EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/24 12:0 a.m.•35 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

In Helm before versions 2.16.11 and 3.3.2 plugin names are not sanitized properly. As a result, a malicious plugin author could use characters in a plugin name that would result in unexpected behavior, such as duplicating the name of another plugin or spoofing the output to helm --help. This issu...

4CVSS1.6AI score0.00962EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/24 12:0 a.m.•29 views

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

In Helm before versions 2.16.11 and 3.3.2, a Helm plugin can contain duplicates of the same entry, with the last one always used. If a plugin is compromised, this lowers the level of access that an attacker needs to modify a plugin's install hooks, causing a local execution attack. To perform thi...

6.5CVSS3.6AI score0.01517EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/24 12:0 a.m.•46 views

Use of Multiple Resources with Duplicate Identifier

In Helm before versions 2.16.11 and 3.3.2, a Helm repository can contain duplicates of the same chart, with the last one always used. If a repository is compromised, this lowers the level of access that an attacker needs to inject a bad chart into a repository. To perform this attack, an attacker...

4CVSS2.3AI score0.00883EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/24 12:0 a.m.•30 views

Use of Multiple Resources with Duplicate Identifier

In Helm before versions 2.16.11 and 3.3.2, a Helm repository can contain duplicates of the same chart, with the last one always used. If a repository is compromised, this lowers the level of access that an attacker needs to inject a bad chart into a repository. To perform this attack, an attacker...

4CVSS2.3AI score0.00883EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/24 12:0 a.m.•31 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

In Helm before versions 2.16.11 and 3.3.2 plugin names are not sanitized properly. As a result, a malicious plugin author could use characters in a plugin name that would result in unexpected behavior, such as duplicating the name of another plugin or spoofing the output to helm --help. This issu...

4CVSS1.6AI score0.00962EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/24 12:0 a.m.•27 views

Use of Multiple Resources with Duplicate Identifier

In Helm before versions 2.16.11 and 3.3.2, a Helm repository can contain duplicates of the same chart, with the last one always used. If a repository is compromised, this lowers the level of access that an attacker needs to inject a bad chart into a repository. To perform this attack, an attacker...

4CVSS2.3AI score0.00883EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/24 12:0 a.m.•42 views

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

In Helm before versions 2.16.11 and 3.3.2, a Helm plugin can contain duplicates of the same entry, with the last one always used. If a plugin is compromised, this lowers the level of access that an attacker needs to modify a plugin's install hooks, causing a local execution attack. To perform thi...

6.5CVSS3.6AI score0.01517EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/24 12:0 a.m.•36 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

In Helm before versions 2.16.11 and 3.3.2 plugin names are not sanitized properly. As a result, a malicious plugin author could use characters in a plugin name that would result in unexpected behavior, such as duplicating the name of another plugin or spoofing the output to helm --help. This issu...

4CVSS1.6AI score0.00962EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/24 12:0 a.m.•44 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

In Helm before versions 2.16.11 and 3.3.2 there is a bug in which the alias field on a Chart.yaml is not properly sanitized. This could lead to the injection of unwanted information into a chart. This issue has been patched in Helm 3.3.2 and 2.16.11. A possible workaround is to manually review th...

4CVSS2.4AI score0.01029EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/24 12:0 a.m.•37 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

In Helm before versions 2.16.11 and 3.3.2 there is a bug in which the alias field on a Chart.yaml is not properly sanitized. This could lead to the injection of unwanted information into a chart. This issue has been patched in Helm 3.3.2 and 2.16.11. A possible workaround is to manually review th...

4CVSS2.4AI score0.01029EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/24 12:0 a.m.•46 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

In Helm before versions 2.16.11 and 3.3.2 there is a bug in which the alias field on a Chart.yaml is not properly sanitized. This could lead to the injection of unwanted information into a chart. This issue has been patched in Helm 3.3.2 and 2.16.11. A possible workaround is to manually review th...

4CVSS2.4AI score0.01029EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/24 12:0 a.m.•47 views

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

In Helm before versions 2.16.11 and 3.3.2, a Helm plugin can contain duplicates of the same entry, with the last one always used. If a plugin is compromised, this lowers the level of access that an attacker needs to modify a plugin's install hooks, causing a local execution attack. To perform thi...

6.5CVSS3.6AI score0.01517EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/21 12:0 a.m.•12 views

RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as random as they should be

A security-sensitive bug was discovered by Open Source Developer Erik Sundell of Sundell Open Source Consulting AB. The functions RandomAlphaNumericint and CryptoRandomAlphaNumericint are not as random as they should be. Small values of int in the functions above will return a smaller subset of...

7.3AI score
Exploits0References6Affected Software1
Total number of security vulnerabilities1518