Input validation flaw in GitLab’s Community and Enterprise Software


Threat Level
Vulnerability Report


Summary

A remote code execution vulnerability affecting GitLab Community Edition (CE) and Enterprise Edition (EE) has been identified as CVE-2022-2884. It can be exploited through the GitHub import API; however, triggering it requires authentication.