CVE-2024-5469 - Denial of Service in GitLab KAS via Crafted gRPC Requests - Exploit Details and Analysis
In early June 2024, a significant vulnerability was identified in GitLab CE/EE affecting the Kubernetes Agent Server (KAS). Tracked as CVE-2024-5469, this weakness allows
CVE-2024-4201 - GitLab XML Raw Viewer Cross-Site Scripting (XSS) Exploit Explained
CVE-2024-4201 is a newly discovered security vulnerability in GitLab, one of the most popular platforms for software development. The bug is a form of cross-site
CVE-2024-5318 - How Guest Users Can View Private Project Dependency Lists in GitLab CE/EE
GitLab is one of the most popular platforms for source code management and CI/CD pipelines, used by teams and companies big and small. On
CVE-2024-5258 - Bypassing GitLab Pipeline Authorization Logic – Details, Exploit, and Mitigation
GitLab is one of the most popular platforms for DevOps and version control, widely used by individual developers and big organizations alike. But even the
CVE-2023-7045 - How a CSRF Flaw in GitLab Let Attackers Steal Anti-CSRF Tokens via Kubernetes Agent Server
In late 2023, a critical security vulnerability—CVE-2023-7045—was found in major versions of GitLab Community Edition (CE) and Enterprise Edition (EE). Spanning from version