GitLab 12.9 < 17.1.7 / 17.2 < 17.2.5 / 17.3 < 17.3.2 (CVE-2024-4612)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: An issue has been discovered in GitLab EE affecting all versions starting from 12.9 before 17.1.7, 17.2 ...

Continue Reading
CVE-2024-4612 URL Redirection to Untrusted Site (‘Open Redirect’) in GitLab

An issue has been discovered in GitLab EE affecting all versions starting from 12.9 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2. Under certain conditions an open redirect vulnerability c ...

Continue Reading
CVE-2024-4612 URL Redirection to Untrusted Site (‘Open Redirect’) in GitLab

An issue has been discovered in GitLab EE affecting all versions starting from 12.9 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2. Under certain conditions an open redirect vulnerability c ...

Continue Reading
CVE-2024-4612

An issue has been discovered in GitLab EE affecting all versions starting from 12.9 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2. Under certain conditions an open redirect vulnerability c ...

Continue Reading
CVE-2024-4612

An issue has been discovered in GitLab EE affecting all versions starting from 12.9 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2. Under certain conditions an open redirect vulnerability c ...

Continue Reading
Session is cached for OpenID and OAuth2 if `redirect` is not used

Summary Unauthenticated user can access credentials of last authenticated user via OpenID or OAuth2 where the authentication URL did not include redirect query string. For example: - Project is config ...

Continue Reading
Session is cached for OpenID and OAuth2 if `redirect` is not used

Summary Unauthenticated user can access credentials of last authenticated user via OpenID or OAuth2 where the authentication URL did not include redirect query string. For example: - Project is config ...

Continue Reading
CVE-2024-7260

An open redirect vulnerability was found in Keycloak. A specially crafted URL can be constructed where the referrer and referrer_uri parameters are made to trick a user to visit a malicious webpage. A ...

Continue Reading

Back to Main

Subscribe for the latest news: