GitLab up to 14.0.8/14.1.3/14.2.1 Route /user.keys information disclosure

A vulnerability was found in GitLab up to 14.0.8/14.1.3/14.2.1 (Bug Tracking Software). It has been declared as problematic. This vulnerability affects some unknown processing of the file /user.keys of the component Route Handler. Upgrading to version 14.0.9, 14.1.4 or 14.2.2 eliminates this vulnerability.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2024-45252 : ELSIGHT HALO PRIOR 11.9.4.0 OS COMMAND INJECTION

CVE-2024-45252 : ELSIGHT HALO PRIOR 11.9.4.0 OS COMMAND INJECTION

Description Elsight – CWE-78: Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) References https://www.gov.il/en/Departments/faq/cve_advisories For

CVE-2024-47350 : YITH WOOCOMMERCE AJAX SEARCH PLUGIN UP TO 2.8.0 ON WORDPRESS SQL INJECTION

CVE-2024-47350 : YITH WOOCOMMERCE AJAX SEARCH PLUGIN UP TO 2.8.0 ON WORDPRESS SQL INJECTION

Description Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in YITH YITH WooCommerce Ajax Search

CVE-2024-9560 : ESAFENET CDG V5 CATELOGS;LOGINDOJOJS DELCATELOGS ID SQL INJECTION

CVE-2024-9560 : ESAFENET CDG V5 CATELOGS;LOGINDOJOJS DELCATELOGS ID SQL INJECTION

Description A vulnerability was found in ESAFENET CDG V5. It has been rated as critical. Affected by this issue is