Lucene search
K
GitlabRecent

1518 matches found

GitLab Advisory Database
GitLab Advisory Database
•added 2021/01/21 12:0 a.m.•27 views

Incorrect Authorization

Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status which is considered a privileged operation and should not...

6.3CVSS4.9AI score0.09274EPSS
Exploits3References1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/01/21 12:0 a.m.•44 views

Incorrect Authorization

Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status which is considered a privileged operation and should not...

6.3CVSS4.9AI score0.09274EPSS
Exploits3References1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/01/11 12:0 a.m.•25 views

CSRF can expose users authentication token

Issue The /login and /change endpoints can return the authenticated user's authentication token in response to a GET request. Since GET requests aren't protected with a CSRF token, this could lead to a malicious 3rd party site acquiring the authentication token. Patches Version 3.4.5 and soon to ...

7.4CVSS7.2AI score0.00917EPSS
Exploits0References9Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2021/01/06 12:0 a.m.•41 views

Regular Expression Denial of Service in CairoSVG

When processing SVG files, the python package CairoSVG uses two regular expressions which are vulnerable to Regular Expression Denial of Service REDoS. If an attacker provides a malicious SVG, it can make cairosvg get stuck processing the file for a very long time...

5.7CVSS5.6AI score0.01466EPSS
Exploits1References8Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/12/17 12:0 a.m.•32 views

Nil Pointer Dereference

A nil pointer dereference in the golang.org/x/crypto/ssh component enables remote attackers to cause a DoS against SSH servers...

7.5CVSS4.2AI score0.03228EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/12/14 12:0 a.m.•37 views

Integer Overflow or Wraparound

DISPUTED GNOME GLib has an integer overflow, that might lead to an out-of-bounds write, in goptiongroupaddentries. NOTE: the vendor's position is "Realistically this is not a security issue. The standard pattern is for callers to provide a static list of option entries in a fixed number of calls ...

7.8CVSS3.7AI score0.00567EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/12/07 12:0 a.m.•28 views

Inclusion of Sensitive Information in Log Files

In Kubernetes clusters using VSphere as a cloud provider, with a logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager's log...

5.5CVSS2.5AI score0.00505EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/12/07 12:0 a.m.•28 views

Inclusion of Sensitive Information in Log Files

In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl...

5.5CVSS1AI score0.00512EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/12/07 12:0 a.m.•37 views

Inclusion of Sensitive Information in Log Files

In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials...

5.5CVSS3.2AI score0.00461EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/12/07 12:0 a.m.•61 views

Inclusion of Sensitive Information in Log Files

In Kubernetes clusters using Ceph RBD as a storage provisioner, with logging level of at least 4, Ceph RBD admin secrets can be written to logs. This occurs in kube-controller-manager's logs during provisioning of Ceph RBD persistent claims...

5.5CVSS2.3AI score0.0052EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/12/03 12:0 a.m.•22 views

Out-of-bounds Write

CImg suffers from integer overflows leading to heap buffer overflows in loadpnm that can be triggered by a specially crafted input file processed by CImg, which can lead to an impact to application availability or data integrity...

8.1CVSS5AI score0.01467EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/12/02 12:0 a.m.•34 views

Access of Resource Using Incompatible Type ('Type Confusion')

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS2.9AI score0.48574EPSS
Exploits3References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/12/02 12:0 a.m.•42 views

Access of Resource Using Incompatible Type ('Type Confusion')

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS2.9AI score0.48574EPSS
Exploits3References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/12/02 12:0 a.m.•35 views

Access of Resource Using Incompatible Type ('Type Confusion')

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS2.9AI score0.48574EPSS
Exploits3References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/12/02 12:0 a.m.•32 views

Access of Resource Using Incompatible Type ('Type Confusion')

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS2.9AI score0.48574EPSS
Exploits3References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/11/27 12:0 a.m.•27 views

Out-of-bounds Write

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

9.6CVSS2.6AI score0.02826EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/11/27 12:0 a.m.•34 views

Out-of-bounds Write

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

9.6CVSS2.6AI score0.02826EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/11/27 12:0 a.m.•35 views

Use After Free

Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

9.6CVSS2.2AI score0.02747EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/11/27 12:0 a.m.•29 views

Out-of-bounds Write

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

9.6CVSS2.6AI score0.02826EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/11/27 12:0 a.m.•29 views

Use After Free

Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

9.6CVSS2.2AI score0.02747EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/11/27 12:0 a.m.•34 views

Use After Free

Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

9.6CVSS2.2AI score0.02747EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/11/27 12:0 a.m.•32 views

Use After Free

Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

9.6CVSS2.2AI score0.02747EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/11/27 12:0 a.m.•29 views

Out-of-bounds Write

Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

9.6CVSS2.6AI score0.02826EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/11/19 12:0 a.m.•34 views

Uncontrolled Resource Consumption

c-ares' aresparsea,aaaareply suffers from a Denial Of Service due to insufficient naddrttls validation...

7.5CVSS3.8AI score0.54164EPSS
Exploits0References3Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/11/13 12:0 a.m.•27 views

SQL Injection

In fastadmin-tp6 v1.0, in the file app/admin/controller/Ajax.php the 'table' parameter passed is not filtered so a malicious parameter can be passed for SQL injection...

7.2CVSS2.9AI score0.01028EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/11/05 12:0 a.m.•32 views

Uncontrolled Resource Consumption

This affects the package @absolunet/kafe It allows cause a denial of service when validating crafted invalid emails...

5.3CVSS3.9AI score0.01555EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/11/04 12:0 a.m.•40 views

Deserialization of Untrusted Data

DatabaseSchemaViewer is vulnerable to arbitrary code execution if a user is tricked into opening a specially crafted .dbschema file. As a workaround, ensure .dbschema files from untrusted sources are not opened...

8CVSS3.5AI score0.02013EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/10/27 12:0 a.m.•40 views

Out-of-bounds Write

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

9.6CVSS3.4AI score0.5063EPSS
Exploits2References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/10/27 12:0 a.m.•54 views

Out-of-bounds Write

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

9.6CVSS3.4AI score0.5063EPSS
Exploits2References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/10/27 12:0 a.m.•41 views

Out-of-bounds Write

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

9.6CVSS3.4AI score0.5063EPSS
Exploits2References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/10/27 12:0 a.m.•64 views

Out-of-bounds Write

Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

9.6CVSS3.4AI score0.5063EPSS
Exploits2References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/10/08 12:0 a.m.•27 views

Cross-site Scripting

Users of the HAPI FHIR Testpage Overlay can use a specially crafted URL to exploit an XSS vulnerability in this module, allowing arbitrary JavaScript to be executed in the user's browser. The impact of this vulnerability is believed to be low, as this module is intended for testing and not believ...

6.1CVSS3.3AI score0.00947EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/10/07 12:0 a.m.•31 views

Improper Input Validation

Apache Axis 1.4 and earlier, as used in PayPal Payments Pro, PayPal Mass Pay, PayPal Transactional Information SOAP, the Java Message Service implementation in Apache ActiveMQ, and other products, does not verify that the server hostname matches a domain name in the subject's Common Name CN or...

5.8CVSS4.1AI score0.05722EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/10/01 12:0 a.m.•70 views

Improper Input Validation

In the @actions/core npm module, addPath and exportVariable functions communicate with the Actions Runner over stdout by generating a string in a specific format. Workflows that log untrusted data to stdout may invoke these commands, resulting in the path or environment variables being modified...

5CVSS3.9AI score0.01501EPSS
Exploits2References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/09/30 12:0 a.m.•30 views

Information Exposure

Nacos suffers from a flaw where users can access service details when unauthenticated. An environment can be set up locally to get the service details interface. Then other Nacos service names can be accessed through the service list interface. Service details can then be accessed when not logged...

5.3CVSS3.4AI score0.0142EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/09/16 12:0 a.m.•52 views

Improper Input Validation

xmlquery lacks a check for whether a LoadURL response is in the XML format, which allows attackers to cause a denial of service SIGSEGV at xmlquery.Node.InnerText or possibly have unspecified other impact...

9.8CVSS6.4AI score0.01936EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/09/15 12:0 a.m.•31 views

Buffer Overflow

A buffer overflow exists in the Brotli library where an attacker controlling the input length of a one-shot decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB...

6.5CVSS2.2AI score0.03217EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/09/11 12:0 a.m.•50 views

Cross-site Scripting

In Action View there is a potential Cross-Site Scripting XSS vulnerability in Action View's translation helpers. Views that allow the user to control the default not found value of the t and translate helpers could be susceptible to XSS attacks. When an HTML-unsafe string is passed as the default...

6.1CVSS2.7AI score0.02372EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/09/10 12:0 a.m.•51 views

Improper Input Validation

apollo-adminservice does not implement access controls. If users expose apollo-adminservice to internetwhich is not recommended, there are potential security issues since apollo-adminservice is designed to work in intranet and it does not have access control built-in. Malicious hackers may access...

7CVSS4.1AI score0.01315EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/09/04 12:0 a.m.•17 views

Malicious Package

All versions of 1337qq-js contain malicious code. The package exfiltrates sensitive information through install scripts. It targets UNIX systems. The information exfiltrated includes: - Environment variables - Running processes - /etc/hosts - uname -a - npmrc file Remove the package from your...

3.5AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/09/03 12:0 a.m.•15 views

Malicious Package

of 8.9.4 contain malicious code as a preinstall script. The package reads the system's SSH keys but does not upload it to a remote server. Remove the package from your environment. There is no evidence of further compromise at the moment...

2.9AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/09/02 12:0 a.m.•10 views

Malicious Package

All versions of 4equest typosquatted a popular package of similar name and tracked users who had installed the incorrect package. The package uploaded information to a remote server including: name of the downloaded package, name of the intended package, the Node version and whether the process w...

3.9AI score
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/08/25 12:0 a.m.•34 views

Use After Free

GNU Bison has a use-after-free in obstackfree in lib/obstack.c called from gramlex when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug report was...

7.1CVSS0.6AI score0.01265EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/08/14 12:0 a.m.•28 views

Path Traversal

The resolveRepositoryPath function does not properly validate user input and a malicious user may traverse to any valid Git repository outside the repoRoot. This issue may lead to unauthorized access of private Git repositories as long as the malicious user knows or brute-forces the location of t...

7.5CVSS3.3AI score0.02942EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/07/27 12:0 a.m.•31 views

Improper Authentication

The Kubelet and kube-proxy components were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to running on the node or in the node's network namespace. Such a service is generally thought to be reachable only by other processes on the same host, but...

8.8CVSS2.1AI score0.03597EPSS
Exploits5References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/07/23 12:0 a.m.•31 views

Uncontrolled Resource Consumption

The Kubernetes kubelet component do not account for disk usage by a pod which writes to its own /etc/hosts file. The /etc/hosts file mounted in a pod by kubelet is not included by the kubelet eviction manager when calculating ephemeral storage usage by a pod. If a pod writes a large amount of dat...

5.5CVSS0.7AI score0.00501EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/07/22 12:0 a.m.•28 views

URL Redirection to Untrusted Site (Open Redirect)

The Kubernetes kube-apiserver is vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise...

6.8CVSS3.4AI score0.061EPSS
Exploits3References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/07/02 12:0 a.m.•36 views

Improper Control of Generation of Code ('Code Injection')

The is a code injection vulnerability in versions of Rails that wouldallow an attacker who controlled the locals argument of a render call to perform a RCE...

8.8CVSS5AI score0.83085EPSS
Exploits10References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/06/30 12:0 a.m.•18 views

False positive

This advisory has been marked as a False Positive and has been removed...

5.5CVSS1.5AI score0.00401EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/06/24 12:0 a.m.•68 views

Information Exposure

An issue was discovered in the acf-to-rest-api plugin for WordPress. It allows an insecure direct object reference via permalinks manipulation, as demonstrated by a wp-json/acf/v3/options/ request that reads sensitive information in the wpoptions table, such as the login and password values...

7.5CVSS2.1AI score0.13463EPSS
Exploits2References1Affected Software1
Total number of security vulnerabilities1518