CVE-2022-3572 - Cross-Site Scripting (XSS) in GitLab Jira Connect Integration — How It Was Exploited and Why It Matters
In June 2022, a serious security issue—CVE-2022-3572—was discovered in GitLab Community and Enterprise editions (CE/EE). This vulnerability impacts all versions from 13.
CVE-2022-3478 - GitLab NuGet Package Upload Denial-of-Service—A Deep Dive
In today’s DevOps culture, GitLab stands as a staple in CI/CD and source code management. But with exposure comes risk. In late 2022,
CVE-2022-3482 - GitLab Improper Access Control Lets Outsiders View Secret Release Names
CVE-2022-3482 is an improper access control issue found in GitLab Community Edition (CE) and Enterprise Edition (EE). This security bug affected a *lot* of GitLab
CVE-2022-2251 - How Improper Branch Name Sanitization Led to Command Injection in GitLab Runner
If you use GitLab CI/CD pipelines regularly, knowing about CVE-2022-2251 is crucial. This vulnerability, disclosed in 2022, affected almost every version of GitLab Runner
CVE-2023-0042 - GitLab Pages Arbitrary Protocol Redirect Vulnerability Explained
If you’re developing with GitLab or exposing websites with GitLab Pages, a serious security flaw called CVE-2023-0042 may affect your projects. This vulnerability, disclosed