Lucene search
K
GitlabRecent

1518 matches found

GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/21 12:0 a.m.•33 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The package github.com/argoproj/argo-cd/cmd before 1.7.13, from 1.8.0 and before 1.8.6 are vulnerable to Cross-site Scripting XSS the SSO provider connected to Argo CD would have to send back a malicious error message containing JavaScript to the user...

4.8CVSS1.8AI score0.00535EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/21 12:0 a.m.•19 views

Helm OCI credentials leaked into Argo CD logs

Impact When Argo CD was connected to a Helm OCI repository with authentication enabled, the credentials used for accessing the remote repository were logged. Anyone with access to the pod logs - either via access with appropriate permissions to the Kubernetes control plane or a third party log...

0.2AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/21 12:0 a.m.•15 views

RandomAlphaNumeric and CryptoRandomAlphaNumeric are not as random as they should be

A security-sensitive bug was discovered by Open Source Developer Erik Sundell of Sundell Open Source Consulting AB. The functions RandomAlphaNumericint and CryptoRandomAlphaNumericint are not as random as they should be...

1.5AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/20 12:0 a.m.•15 views

Local directory executable lookup in sops (Windows-only)

Impact Windows users using the sops direct editor option sops file.yaml can have a local executable named either vi, vim, or nano executed if running sops from cmd.exe This attack is only viable if an attacker is able to place a malicious binary within the directory you are running sops from. As...

0.4AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/18 12:0 a.m.•46 views

Improper Input Validation

Cloud Foundry Routing, all versions before 0.193.0, does not properly validate nonce input. A remote unauthenticated malicious user could forge an HTTP route service request using an invalid nonce that will cause the Gorouter to crash...

8.6CVSS2AI score0.0151EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/18 12:0 a.m.•57 views

Improper Input Validation

Cloud Foundry Routing, all versions before 0.193.0, does not properly validate nonce input. A remote unauthenticated malicious user could forge an HTTP route service request using an invalid nonce that will cause the Gorouter to crash...

8.6CVSS2AI score0.0151EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/18 12:0 a.m.•51 views

Improper Authentication

Improper authentication is possible in Apache Traffic Control versions 3.0.0 and 3.0.1 if LDAP is enabled for login in the Traffic Ops API component. Given a username for a user that can be authenticated via LDAP, it is possible to improperly authenticate as that user without that user's correct...

9.8CVSS4.7AI score0.03455EPSS
Exploits0References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/18 12:0 a.m.•52 views

Improper Preservation of Permissions

In Gogs 0.11.91, MakeEmailPrimary in models/usermail.go lacks a "not the owner of the email" check...

6.5CVSS3.4AI score0.0093EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/18 12:0 a.m.•50 views

Insertion of Sensitive Information into Log File

The Elastic APM agent for Go versions before 1.11.0 can leak sensitive HTTP header information when logging the details during an application panic. Normally, the APM agent will sanitize sensitive HTTP header details before sending the information to the APM server. During an application panic it...

2.7CVSS0.4AI score0.00521EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/18 12:0 a.m.•36 views

Improper Access Control

go-jose before 1.0.4 suffers from multiple signatures exploitation. The go-jose library supports messages with multiple signatures. However, when validating a signed message the API did not indicate which signature was valid, which could potentially lead to confusion. For example, users of the...

7.5CVSS2.4AI score0.01967EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/18 12:0 a.m.•26 views

Missing Authorization

routes/api/v1/api.go in Gogs 0.11.86 lacks permission checks for routes: deploy keys, collaborators, and hooks...

9.8CVSS3.2AI score0.01528EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/18 12:0 a.m.•53 views

Loop with Unreachable Exit Condition ('Infinite Loop')

The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to...

7.5CVSS2.9AI score0.01855EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/18 12:0 a.m.•26 views

Out-of-bounds Read

In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with invalid input data...

7.5CVSS2.3AI score0.06849EPSS
Exploits0References14Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/18 12:0 a.m.•42 views

Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

Improper input validation in the Kubernetes API server in versions v1.0-1.12 and versions prior to v1.13.12, v1.14.8, v1.15.5, and v1.16.2 allows authorized users to send malicious YAML or JSON payloads, causing the API server to consume excessive CPU or memory, potentially crashing and becoming...

7.5CVSS3AI score0.25939EPSS
Exploits2References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/17 12:0 a.m.•32 views

Prototype pollution in 101

Prototype pollution vulnerability in '101' versions 1.0.0 through 1.6.3 allows an attacker to cause a denial of service and may lead to remote code execution...

9.8CVSS9.5AI score0.03299EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/17 12:0 a.m.•70 views

Open Redirect in Flask-Security-Too

Flask-Security allows redirects after many successful views e.g. /login by honoring the ?next query param. There is code in FS to validate that the url specified in the next parameter is either relative OR has the same netloc network location as the requesting URL. This check utilizes Pythons...

6.1CVSS5.2AI score0.03289EPSS
Exploits0References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/13 12:0 a.m.•59 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

ACS Commons version 4.9.2 and earlier suffers from a Reflected Cross-site Scripting XSS vulnerability in version-compare and page-compare due to invalid JCR characters that are not handled correctly. An attacker could potentially exploit this vulnerability to inject malicious JavaScript content...

6.1CVSS1.8AI score0.03337EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/13 12:0 a.m.•26 views

Use After Free

A possible use-after-free and double-free in c-ares lib if aresdestroy is called prior to aresgetaddrinfo completing. This flaw possibly allows an attacker to crash the service that uses c-ares lib. The highest threat from this vulnerability is to this service availability...

3.3CVSS2.6AI score0.00529EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/12 12:0 a.m.•49 views

Missing Authorization

Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation in the PodSecurityPolicy admission plugin resulting in the ability to make use of any existing PodSecurityPolicy object...

9.8CVSS4AI score0.02436EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/10 12:0 a.m.•47 views

Uncontrolled Resource Consumption

JPA Server in HAPI FHIR allows a user to deny service e.g., disable access to the database after the attack stops via history requests. This occurs because of a SELECT COUNT statement that requires a full index scan, with an accompanying large amount of server resources if there are many...

5.3CVSS4.3AI score0.01587EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/05/06 12:0 a.m.•25 views

Server-Side Request Forgery (SSRF)

An SSRF issue in Open Distro for Elasticsearch ODFE allows an existing privileged user to enumerate listening services or interact with configured resources via HTTP requests exceeding the Alerting plugin's intended scope...

7.1CVSS2.3AI score0.00893EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/04/27 12:0 a.m.•48 views

Missing Authentication for Critical Function

Nacos is a platform designed for dynamic service discovery and configuration and service management. In Nacos, the ConfigOpsController lets the user perform management operations like querying the database or even wiping it out. While the /data/remove endpoint is properly protected with the...

8.6CVSS2.3AI score0.64697EPSS
Exploits2References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/04/27 12:0 a.m.•27 views

Missing Authentication for Critical Function

Nacos is a platform designed for dynamic service discovery and configuration and service management. In Nacos before version 1.4.1, the ConfigOpsController lets the user perform management operations like querying the database or even wiping it out. While the /data/remove endpoint is properly...

8.6CVSS3.2AI score0.64697EPSS
Exploits2References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/04/27 12:0 a.m.•78 views

Authentication Bypass by Spoofing

Nacos is a platform designed for dynamic service discovery and configuration and service management. In Nacos before version 1.4.1, when configured to use authentication -Dnacos.core.auth.enabled=true Nacos uses the AuthFilter servlet filter to enforce authentication. This filter has a backdoor...

9.8CVSS1.7AI score0.74242EPSS
Exploits2References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/04/27 12:0 a.m.•60 views

Authentication Bypass by Spoofing

Nacos is a platform designed for dynamic service discovery and configuration and service management. In Nacos, when configured to use authentication -Dnacos.core.auth.enabled=true it uses the AuthFilter servlet filter to enforce authentication. This filter has a backdoor that enables Nacos server...

9.8CVSS1.1AI score0.74242EPSS
Exploits2References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/04/21 12:0 a.m.•26 views

Out-of-bounds Read

An issue was discovered in giflib DumpScreen2RGB in gif2rgb.c has a heap-based buffer over-read...

7.1CVSS3.1AI score0.02227EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/04/21 12:0 a.m.•31 views

Out-of-bounds Read

A heap-based buffer over-read was discovered in cpp-peglib's peg::resolveescapesequence in peglib.h...

5.5CVSS2.3AI score0.00893EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/04/21 12:0 a.m.•52 views

NULL Pointer Dereference

A NULL pointer dereference was discovered in cpp-peglib's peg::AstOptimizer::optimize located in peglib.h. It allows an attacker to cause a Denial of Service...

5.5CVSS3.8AI score0.00869EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/04/08 12:0 a.m.•16 views

Cross-Site Request Forgery

Cross-Site Request Forgery in Flask-Security-Too...

2.6AI score
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/03/25 12:0 a.m.•61 views

Integer Overflow or Wraparound

A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability...

9.8CVSS3.4AI score0.04983EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/03/18 12:0 a.m.•37 views

Stack-based Buffer Overflow

A flaw was found in cairo's image-compositor.c in all This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untrusted input to cause a stack...

7.8CVSS3.9AI score0.01112EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/03/11 12:0 a.m.•42 views

Improper Link Resolution Before File Access

When gfilereplace is used with GFILECREATEREPLACEDESTINATION to replace a path that is a dangling symlink, it incorrectly also creates the target of the symlink as an empty file, which could conceivably have security relevance if the symlink is attacker-controlled...

5.3CVSS1.2AI score0.02622EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/03/05 12:0 a.m.•36 views

Observable Timing Discrepancy

The activerecord-sessionstore aka Active Record Session Store component for Ruby on Rails does not use a constant-time approach when delivering information about whether a guessed session ID is valid. Consequently, remote attackers can leverage timing discrepancies to achieve a correct guess in a...

5.3CVSS3.2AI score0.01835EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/02/25 12:0 a.m.•24 views

Insecure Temporary File

A Insecure Temporary File vulnerability in the packaging of cyrus-sasl of openSUSE Factory allows local attackers to escalate to root...

7CVSS4.7AI score0.0038EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/02/22 12:0 a.m.•23 views

Observable Timing Discrepancy

Constant-time computations are not used for certain decoding and encoding operations base32, base58, base64, and hex...

9.8CVSS1AI score0.01976EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/02/15 12:0 a.m.•29 views

Incorrect Conversion between Numeric Types

An issue was discovered in GNOME GLib The function gbytesnew has an integer overflow on platforms due to an implicit cast from bits to bits. The overflow could potentially lead to memory corruption...

7.5CVSS4.4AI score0.02993EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/02/15 12:0 a.m.•35 views

Incorrect Conversion between Numeric Types

An issue was discovered in GNOME GLib If gbytearraynewtake was called with a buffer of 4GB or more on a platform, the length would be truncated modulo 232, causing unintended length truncation...

7.5CVSS3.1AI score0.0408EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/02/12 12:0 a.m.•28 views

Uncontrolled Resource Consumption

In Apache Thrift to, malicious RPC clients could send short messages which would result in a large memory allocation, potentially leading to denial of service...

7.5CVSS2.5AI score0.06779EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/02/11 12:0 a.m.•27 views

Uncontrolled Resource Consumption

The PostgreSQL adapter in Active Record suffers from a regular expression denial of service REDoS vulnerability. Carefully crafted input can cause the input validation in the money type of the PostgreSQL adapter in Active Record to spend too much time in a regular expression, resulting in the...

7.5CVSS3.6AI score0.04434EPSS
Exploits1References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/02/10 12:0 a.m.•35 views

Integer Overflow or Wraparound

A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability...

9.8CVSS3.4AI score0.0586EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/02/10 12:0 a.m.•39 views

NULL Pointer Dereference

A denial-of-service vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability...

7.5CVSS1.4AI score0.02267EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/02/10 12:0 a.m.•39 views

NULL Pointer Dereference

A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability...

7.5CVSS1.4AI score0.03023EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/02/10 12:0 a.m.•48 views

NULL Pointer Dereference

A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability...

7.5CVSS1.4AI score0.03023EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/02/10 12:0 a.m.•38 views

NULL Pointer Dereference

A denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability...

7.5CVSS1.4AI score0.03023EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/02/08 12:0 a.m.•30 views

Integer Overflow or Wraparound

An integer overflow issue exists in Godot Engine that can be triggered when loading specially crafted TGA image files...

7.8CVSS4.4AI score0.01505EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/02/08 12:0 a.m.•28 views

Out-of-bounds Write

A stack overflow issue exists in Godot Engine up to v3.2 and is caused by improper boundary checks when loading .TGA image files. Depending on the context of the application, attack vector can be local or remote, and can lead to code execution and/or system crash...

7.8CVSS3.2AI score0.01505EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/02/08 12:0 a.m.•21 views

Key Caching behavior in the DynamoDB Encryption Client.

Impact This advisory concerns users of MostRecentProvider in the DynamoDB Encryption Client with a key provider like AWS Key Management Service that allows for permissions on keys to be modified. When key usage permissions were changed at the key provider, time-based key reauthorization logic in...

2.3AI score
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/02/02 12:0 a.m.•28 views

Use After Free

Acrobat Reader DC versions versions 2020.013.20074 and earlier, 2020.001.30018 and earlier and 2017.011.30188 and earlier are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current...

8.8CVSS5.9AI score0.03977EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/02/01 12:0 a.m.•40 views

Regular Expression Denial of Service

The ReDOS vulnerability of the regex is mainly due to the sub-pattern a-zA-Z0-9.-+.a-zA-Z0-9.-+ This issue can be mitigated by Markdown to format user content instead of the urlize filter, or by implementing request timeouts and limiting process memory...

5.3CVSS3.5AI score0.03546EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/01/26 12:0 a.m.•37 views

Incorrect Permission Assignment for Critical Resource

When ORT now via atstccfg generates ipallow.config files in Apache Traffic Control to to, those files include permissions that allow bad actors to push arbitrary content into and remove arbitrary content from CDN cache servers. Additionally, these permissions are potentially extended to IP...

5.8CVSS3.1AI score0.03928EPSS
Exploits0References1Affected Software1
Total number of security vulnerabilities1518