CVE-2022-3514 - How a Regex Bug in GitLab’s Submodule URL Parser Could Crash Your Server
Summary:
In late 2022, security researchers uncovered a dangerous vulnerability—CVE-2022-3514—in GitLab, one of the world’s most popular code-hosting platforms. Problematic versions include
CVE-2022-4342 - GitLab CE/EE Webhook Secrets Leak Explained (with PoC, Details & Patches)
GitLab is at the core of many developers' daily workflow, helping teams to collaborate through code hosting, CI/CD pipelines, and integrations. But in
CVE-2022-3285 - How to Exploit a Healthcheck Allow List Bypass in GitLab (and How to Protect Yourself)
In September 2022, a critical security flaw was discovered in GitLab, one of the world’s most popular DevOps platforms. Tracked as CVE-2022-3285, this bug
CVE-2022-2904 - How a Simple Cross-Site Scripting (XSS) Bug in GitLab Could Let Attackers Take Over User Actions
In 2022, a dangerous vulnerability titled CVE-2022-2904 was uncovered in GitLab Community Edition (CE) and Enterprise Edition (EE). This bug impacted millions of developers worldwide
CVE-2022-3018 - Unlocking GitLab DataDog API Keys via Webhook Logs — An Exclusive Deep Dive
In the world of DevOps, secrets should always be protected. But sometimes, code and configuration don’t keep up, leading to surprising threats. One such