CVE-2024-5469 - Denial of Service in GitLab KAS via Crafted gRPC Requests - Exploit Details and Analysis
In early June 2024, a significant vulnerability was identified in GitLab CE/EE affecting the Kubernetes Agent Server (KAS). Tracked as CVE-2024-5469, this weakness allows
CVE-2024-5318 - How Guest Users Can View Private Project Dependency Lists in GitLab CE/EE
GitLab is one of the most popular platforms for source code management and CI/CD pipelines, used by teams and companies big and small. On
CVE-2024-5258 - Bypassing GitLab Pipeline Authorization Logic – Details, Exploit, and Mitigation
GitLab is one of the most popular platforms for DevOps and version control, widely used by individual developers and big organizations alike. But even the
CVE-2023-7045 - How a CSRF Flaw in GitLab Let Attackers Steal Anti-CSRF Tokens via Kubernetes Agent Server
In late 2023, a critical security vulnerability—CVE-2023-7045—was found in major versions of GitLab Community Edition (CE) and Enterprise Edition (EE). Spanning from version
CVE-2024-1947 - Exploiting GitLab API for Denial of Service (DoS) – Exclusive Insight & Exploit Walkthrough
A new vulnerability, CVE-2024-1947, was recently discovered in GitLab CE/EE, shaking up developer communities around the world. This Denial of Service (DoS) issue could