Insufficient validation of authentication parameters in GitLab Pages for GitLab 11.5+ allows an attacker to steal a victim's API token if they click on a maliciously crafted linkRead More ...
Continue Reading
February 01, 2024
Insufficient validation of authentication parameters in GitLab Pages for GitLab 11.5+ allows an attacker to steal a victim's API token if they click on a maliciously crafted linkRead More ...
Continue Reading
February 01, 2024
A vulnerability in the internal Kubernetes agent api in GitLab CE/EE version 13.3 and above allows unauthorized access to private projects. Affected versions are: >=13.4, <13.4.5,> ...
Continue Reading
February 01, 2024
Membership changes are not reflected in ToDo subscriptions in GitLab versions prior to 13.2.10, 13.3.7 and 13.4.2, allowing guest users to access confidential issues through...Read More ...
Continue Reading
February 01, 2024
A regular expression denial of service issue has been discovered in NuGet API affecting all versions of GitLab starting from version...Read More ...
Continue Reading
February 01, 2024
A regular expression denial of service issue has been discovered in NuGet API affecting all versions of GitLab starting from version...Read More ...
Continue Reading
February 01, 2024
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the Shard API in TensorFlow expects the last argument to be a function taking two int64 (i.e., long long) arguments. However, there ...
Continue Reading
February 01, 2024
A potential DOS vulnerability was discovered in GitLab versions 13.1, 13.2 and 13.3. The api to update an asset as a link from a release had a regex check which caused exponential number of backtracks ...
Continue Reading
February 01, 2024
Back to Main
