Lucene search
K
GitlabRecent

1518 matches found

GitLab Advisory Database
GitLab Advisory Database
•added 2020/06/19 12:0 a.m.•36 views

Deserialization of Untrusted Data

A deserialization of untrusted data vulnernerability exists in rails, rails that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE...

9.8CVSS5.2AI score0.45732EPSS
Exploits5References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/06/19 12:0 a.m.•29 views

Cross-Site Request Forgery (CSRF)

A CSRF vulnerability exists in rails rails-ujs module that could allow attackers to send CSRF tokens to wrong domains...

6.5CVSS4.8AI score0.01485EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/06/19 12:0 a.m.•42 views

Unrestricted Upload of File with Dangerous Type

A client side enforcement of server side security vulnerability exists in rails and rails ActiveStorage's S3 adapter that allows the Content-Length of a direct file upload to be modified by an end user bypassing upload limits...

7.5CVSS2.3AI score0.03065EPSS
Exploits1References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/06/17 12:0 a.m.•35 views

Loop with Unreachable Exit Condition (Infinite Loop)

The x/text package for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an...

7.5CVSS3AI score0.01855EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/06/15 12:0 a.m.•32 views

Uncontrolled Resource Consumption

GNU Bison allows attackers to cause a denial of service application crash...

5.5CVSS4.6AI score0.00401EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/06/10 12:0 a.m.•23 views

Deserialization of Untrusted Data

phpMussel from versions 1.0.0 and less than 1.6.0 has an unserialization vulnerability in PHP's phar wrapper. Uploading a specially crafted file to an affected version allows arbitrary code execution discovered, tested, and confirmed by myself, so the risk factor should be regarded as very high...

9.8CVSS3.8AI score0.02597EPSS
Exploits0References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/06/05 12:0 a.m.•60 views

Server-Side Request Forgery (SSRF)

The Kubernetes kube-controller-manager is vulnerable to a Server Side Request Forgery SSRF that allows certain authorized users to leak up to bytes of arbitrary information from unprotected endpoints within the master's host network such as link-local or loopback services...

6.3CVSS4.5AI score0.03679EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/05/21 12:0 a.m.•49 views

Information disclosure issue in Active Resource

There is a possible information disclosure issue in Active Resource v5.1.1 that could allow an attacker to create specially crafted requests to access data in an unexpected way and possibly leak information...

7.5CVSS7.1AI score0.02224EPSS
Exploits0References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/05/12 12:0 a.m.•46 views

Path Traversal

There is a vulnerability in actionpackpage-caching that allows an attacker to write arbitrary files to a web server, potentially resulting in remote code execution if the attacker can write unescaped ERB to a view...

9.8CVSS6.7AI score0.0525EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/05/05 12:0 a.m.•49 views

URL Redirection to Untrusted Site (Open Redirect)

macaron before has an open redirect in the static handler...

6.1CVSS0.8AI score0.01375EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/04/29 12:0 a.m.•24 views

Information Exposure

Actions Http-Client can disclose Authorization headers to incorrect domain in certain redirect scenarios. The conditions in which this happens are if consumers of the http-client: make an http request with an authorization header that request leads to a redirect 302 the redirect url redirects to...

7.5CVSS1.3AI score0.01737EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/04/23 12:0 a.m.•48 views

Cross-site Scripting

Anch allows admins to cause XSS via crafted post content...

4.8CVSS3AI score0.00564EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/04/12 12:0 a.m.•32 views

Injection Vulnerability

cpp-httplib does not filter \r\n in parameters passed into the setredirect and setheader functions, which creates possibilities for CRLF injection and HTTP response splitting in some specific contexts...

7.5CVSS1.8AI score0.01643EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/04/07 12:0 a.m.•29 views

Cross-site Scripting

Jenkins AWSEB Deployment Plugin does not escape various values printed as part of form validation output, resulting in a reflected cross-site scripting vulnerability...

6.1CVSS1.2AI score0.00816EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/03/30 12:0 a.m.•23 views

Improper Restriction of Operations within the Bounds of a Memory Buffer

An issue was discovered in USC iLab cereal. Serialization of an initialized C/C++ long double variable into a BinaryArchive or PortableBinaryArchive leaks several bytes of stack or heap memory, from which sensitive information such as memory layout or private keys can be gleaned if the archive is...

5.3CVSS1.6AI score0.01534EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/03/30 12:0 a.m.•28 views

Release of Invalid Pointer or Reference

An issue was discovered in USC iLab cereal. It employs caching of std::sharedptr values, using the raw pointer address as a unique identifier. This becomes problematic if a std::sharedptr variable goes out of scope and is freed, and a new std::sharedptr is allocated at the same address...

9.8CVSS1.6AI score0.01977EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/03/27 12:0 a.m.•34 views

Allocation of Resources Without Limits or Throttling

The Kubelet component has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port, and the authenticated HTTPS API typically served on port...

6.5CVSS0.8AI score0.01141EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/03/27 12:0 a.m.•30 views

Allocation of Resources Without Limits or Throttling

The Kubernetes API server component has been found to be vulnerable to a denial of service attack via successful API requests...

5.3CVSS3.4AI score0.02428EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/03/19 12:0 a.m.•23 views

Cross-site Scripting

In ActionView there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the j or escapejavascript methods may be susceptible to XSS...

4.8CVSS2AI score0.01543EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/03/13 12:0 a.m.•49 views

SQL Injection

In Administrate rubygem, when sorting by attributes on a dashboard, the direction parameter was not validated before being interpolated into the SQL query. This could present a SQL injection if the attacker were able to modify the direction parameter and bypass ActiveRecord SQL protections. Whils...

8.1CVSS3AI score0.009EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/02/20 12:0 a.m.•36 views

Improper Verification of Cryptographic Signature

golang.org/x/crypto allows a panic during signature verification in the golang.org/x/crypto/ssh package. A client can attack an SSH server that accepts public keys. Also, a server can attack any SSH client...

7.5CVSS3.4AI score0.21052EPSS
Exploits6References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/02/12 12:0 a.m.•39 views

Insufficiently Protected Credentials

Jenkins Applatix Plugin stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system...

6.5CVSS4.1AI score0.00852EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/01/28 12:0 a.m.•33 views

Inclusion of Functionality from Untrusted Control Sphere

The 1 createbranch, 2 createtag, 3 importproject, and 4 forkproject functions in lib/gitlabprojects.rb allows remote authenticated users to include information from local files into the metadata of a Git repository via the web interface...

6.5CVSS4.2AI score0.01938EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/01/28 12:0 a.m.•32 views

Improper Privilege Management

The parsecmd function in lib/gitlabshell.rb allows remote authenticated users to gain privileges and clone arbitrary repositories...

8.8CVSS5.9AI score0.02EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2020/01/09 12:0 a.m.•59 views

Information Exposure

GSocketClient in GNOME GLib may occasionally connect directly to a target address instead of connecting via a proxy server when configured to do so, because the proxyaddr field is mishandled. This bug is timing-dependent and may occur only sporadically depending on network delays. The greatest...

5.9CVSS1AI score0.02174EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/12/17 12:0 a.m.•31 views

Insufficiently Protected Credentials

A missing permission check in Jenkins Alauda DevOps Pipeline Plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

6.5CVSS4.6AI score0.00852EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/12/17 12:0 a.m.•61 views

Cross-Site Request Forgery (CSRF)

A cross-site request forgery vulnerability in Jenkins Alauda DevOps Pipeline allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.8CVSS4.6AI score0.00691EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/11/12 12:0 a.m.•43 views

Loop with Unreachable Exit Condition (Infinite Loop)

Istio allows Denial of Service because continueonlistenerfilterstimeout is set to True...

7.5CVSS2.9AI score0.01214EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/10/29 12:0 a.m.•31 views

Out-of-bounds Read

In Apache Thrift, a server implemented in Go using TJSONProtocol or TSimpleJSONProtocol may panic when feed with invalid input data...

7.5CVSS2.3AI score0.06849EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/10/29 12:0 a.m.•40 views

Loop with Unreachable Exit Condition (Infinite Loop)

In Apache Thrift, a server or client may run into an endless loop when feed with specific input data...

7.8CVSS2.2AI score0.09156EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/10/08 12:0 a.m.•16 views

Improper Authentication

Auth0 auth0.net has Incorrect Access Control because IdentityTokenValidator can be accidentally used to validate untrusted ID tokens...

7.5CVSS3.3AI score0.00891EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/10/01 12:0 a.m.•22 views

XML Entity Expansion

go-yaml is vulnerable to a Billion Laughs Attack...

2.5AI score
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/09/16 12:0 a.m.•64 views

Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)

The File Session Manager in Beego allows local users to read session files because there is a race condition involving file creation within a directory with weak permissions...

4.7CVSS3.6AI score0.00199EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/09/16 12:0 a.m.•43 views

Incorrect Default Permissions

The File Session Manager in Beego allows local users to read session files because of weak permissions for individual files...

5.5CVSS3.9AI score0.00362EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/09/09 12:0 a.m.•61 views

Improper Authentication

Improper authentication is possible in Apache Traffic Control versions if LDAP is enabled for login in the Traffic Ops API component. Given a username for a user that can be authenticated via LDAP, it is possible to improperly authenticate as that user without that user's correct password...

9.8CVSS4.7AI score0.03455EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/08/29 12:0 a.m.•37 views

Credentials Management

The Kubernetes client-go library logs request headers at verbosity levels of 7 or higher. This can disclose credentials to unauthorized users via logs or command output. Kubernetes components such as kube-apiserver which make use of basic or bearer token authentication, and run at high verbosity...

6.5CVSS3.3AI score0.01766EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/08/29 12:0 a.m.•40 views

Incorrect Default Permissions

In kubelet, containers for pods that do not specify an explicit runAsUser attempt to run as uid 0 root on container restart, or if the image was previously pulled to the node. If the pod specified mustRunAsNonRoot: true, the kubelet will refuse to start the container as root. If the pod did not...

7.8CVSS2.8AI score0.00599EPSS
Exploits1References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/08/13 12:0 a.m.•77 views

Incorrect Regular Expression

Istio mishandles regular expressions for long URIs, leading to a denial of service during use of the JWT, VirtualService, HTTPAPISpecBinding, or QuotaSpecBinding API...

7.5CVSS1.2AI score0.02275EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/07/19 12:0 a.m.•25 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Premium Software CLEdit The impact is: An attacker might be able to inject arbitrary html and script code into the web site. The component is: jQuery plug-in. The attack vector is: the victim must open a crafted href attribute of a link A element...

6.1CVSS1.5AI score0.00826EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/07/19 12:0 a.m.•40 views

Pallets Project Flask is vulnerable to Denial of Service via Unexpected memory usage

The Pallets Project Flask before 1.0 is affected by unexpected memory usage. The impact is denial of service. The attack vector is crafted encoded JSON data. The fixed version is 1. NOTE this may overlap CVE-2018-1000656...

7.5CVSS7.4AI score0.03855EPSS
Exploits1References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/06/28 12:0 a.m.•30 views

Improper Input Validation

Istio mishandles certain access tokens, leading to Epoch 0 terminated with an error in Envoy. This is related to a jwtauthenticator.cc segmentation fault...

7.5CVSS3.1AI score0.02193EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/06/13 12:0 a.m.•15 views

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in @apollo/gateway...

3.8AI score
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/06/07 12:0 a.m.•51 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

XSS exists in the HAPI FHIR testpage overlay module of the HAPI FHIR library before 3.8.0. The attack involves unsanitized HTTP parameters being output in a form page, allowing attackers to leak cookies and other sensitive information from ca/uhn/fhir/to/BaseController.java via a specially crafte...

6.1CVSS2.4AI score0.01268EPSS
Exploits0References5Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/06/05 12:0 a.m.•79 views

Cross-site Scripting

XSS exists in the HAPI FHIR testpage overlay module of the HAPI FHIR library. The attack involves unsanitized HTTP parameters being output in a form page, allowing attackers to leak cookies and other sensitive information from ca/uhn/fhir/to/BaseController.java via a specially crafted URL. This...

6.1CVSS2.5AI score0.01268EPSS
Exploits0References4Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/06/05 12:0 a.m.•54 views

Improper Access Control

Istio has Incorrect Access Control...

7.5CVSS3.1AI score0.01175EPSS
Exploits1References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/05/31 12:0 a.m.•44 views

Improper Certificate Validation

An issue was discovered in Hybrid Group Gobot. The mqtt subsystem skips verification of root CA certificates by default...

7.5CVSS1.6AI score0.0071EPSS
Exploits0References1Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/05/14 12:0 a.m.•24 views

Server Side Request Forgery in Apache Axis

A Server Side Request Forgery SSRF vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. Security and bug commits commits continue in the projects Axis 1.x Subversion repository, legacy users are encouraged to build from source. The successor to Axis 1.x is Axis2...

7.5CVSS6.5AI score0.86503EPSS
Exploits7References17
GitLab Advisory Database
GitLab Advisory Database
•added 2019/04/23 12:0 a.m.•4 views

Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

c3p0 version 0.9.5.4 may be exploited by a billion laughs attack when loading XML configuration due to missing protections against recursive entity expansion when loading configuration...

7.5CVSS9.4AI score0.04882EPSS
Exploits1References2
GitLab Advisory Database
GitLab Advisory Database
•added 2019/04/22 12:0 a.m.•34 views

Incorrect Permission Assignment for Critical Resource

In Kubernetes, schema info is cached by kubectl in the location specified by --cache-dir defaulting to $HOME/.kube/http-cache, written with world-writeable permissions rw-rw-rw-. If --cache-dir is specified and pointed at a different location accessible to other users/groups, the written files ma...

5CVSS1.9AI score0.00483EPSS
Exploits0References2Affected Software1
GitLab Advisory Database
GitLab Advisory Database
•added 2019/04/11 12:0 a.m.•44 views

Generation of Error Message Containing Sensitive Information

Auth0 Auth0-WCF-Service-JWT leaks the expected JWT signature in an error message when it cannot successfully validate the JWT signature. If this error message is presented to an attacker, they can forge an arbitrary JWT token that will be accepted by the vulnerable application...

9.8CVSS2.2AI score0.01657EPSS
Exploits0References2Affected Software1
Total number of security vulnerabilities1518