API - CVE CyberSecurity Database News (Page 104)

Dec 12, 2024 API Exploit

CVE-2024-12570 - How GitLab CI_JOB_TOKEN Could Leak Your Session Token (Explained with Example)

A serious vulnerability—CVE-2024-12570—has been discovered lurking in GitLab Community Edition (CE) and Enterprise Edition (EE). This security flaw could allow someone who gets

Dec 12, 2024 API Google

CVE-2024-11274 - GitLab NEL Header Injection in K8s Proxy – Exploit Details and Understanding the Risk

A serious security vulnerability— CVE-2024-11274— has come to light in popular source code management platform GitLab Community Edition (CE) and Enterprise Edition (EE). This flaw

Dec 12, 2024 API GraphQL

CVE-2024-12292 - Sensitive Information Leakage via GraphQL Logs in GitLab CE/EE (11.–17.6.1) — Details, Exploit, and Mitigation

On March 6, 2024, GitLab disclosed an information disclosure vulnerability (CVE-2024-12292) affecting its Community Edition (CE) and Enterprise Edition (EE). The flaw exists in all

Dec 12, 2024 API

CVE-2024-10043 - GitLab Wiki Diff Feature Discloses Confidential Incident Titles – Deep Dive, Exploit Demo, and Remediation

On February 2024, a critical security issue dubbed CVE-2024-10043 was publicly disclosed affecting GitLab EE (Enterprise Edition). This vulnerability, found in specific GitLab versions, makes

Dec 12, 2024 API Mac Safari iOS

CVE-2024-54534 - Memory Corruption via Malicious Web Content in Apple OSes – Exploit Details and Patch Information

In June 2024, CVE-2024-54534 was disclosed by Apple, alerting users and developers about a memory corruption vulnerability found in the WebKit engine. This vulnerability could