Buildkit’s interactive containers API does not validate entitlements check

Impact: In addition to running containers as build steps, BuildKit also provides APIs for running interactive containers based on built images. It was possible to use these APIs to ask BuildKit to run ...

Label Studio SSRF on Import Bypassing `SSRF_PROTECTION_ENABLED` Protections

Introduction: This write-up describes a vulnerability found in Label Studio, a popular open source data labeling tool. The vulnerability affects all versions of Label Studio prior to 1.11.0 and was tes ...

BIT-gitlab-2020-13270

Missing permission check on fork relation creation in GitLab CE/EE 11.3 and later through 13.0.1 allows guest users to create a fork relation on restricted public projects via...

@lobehub/chat vulnerable to unauthorized access to plugins

Description: When the application is password-protected (deployed with the ACCESS_CODE option), it is possible to access plugins without proper authorization (without password). Proof-of-Concept: Let ...

BIT-gitlab-2020-12275

GitLab 12.6 through 12.9 is vulnerable to a privilege escalation that allows an external user to create a personal snippet through the API.
