Blog

GitLab shares GitHub’s vulnerability to hosting malware

watch 42s
views 2

15:22, 23.04.2024

GitLab proved to be also vulnerable to GitHub’s vulnerability to posting malware with the help of URL addresses connected to Microsoft repositories.

The vulnerability is related to the comment feature, where one can attach links with a unique URL address in the following format: https://www.github.com/{project_user}/{repo_name}/files/{file_id}/{file_name}» .

The links may be generated while creating a commit comment for repositories of popular and reputable projects and then remain active even in the case the comment hasn’t been published.

The users can attach any files creating a download link for them, and cyber attackers discovered that they can use the feature for sharing malware.

The same vulnerability has been detected in GitLab CDN where links have the following format: https://gitlab.com/{project_group_namr}/{repo_name}/uploads/{file_id}/{file_name}.

Share

Was this article helpful to you?

VPS popular offers

See all products

wKVM-SSD 2048 HK

-21.5%

CPU
CPU
2 Xeon Cores
RAM
RAM
2 GB
Space
Space
75 GB SSD
Bandwidth
Bandwidth
300 GB
wKVM-SSD 2048 HK Windows

26 /mo

/mo

Billed annually

KVM-SSD 512 HK

-13.1%

CPU
CPU
2 Xeon Cores
RAM
RAM
512 MB
Space
Space
10 GB SSD
Bandwidth
Bandwidth
300 GB
KVM-SSD 512 HK Linux

7 /mo

/mo

Billed annually

10Ge-wKVM-SSD 2048

-8.4%

CPU
CPU
4 Xeon Cores
RAM
RAM
2 GB
Space
Space
75 GB SSD
Bandwidth
Bandwidth
Unlimited
10Ge-wKVM-SSD 2048 Windows

37.4 /mo

/mo

Billed annually

10Ge-KVM-SSD 8192

-10%

CPU
CPU
4 Xeon Cores
RAM
RAM
8 GB
Space
Space
100 GB SSD
Bandwidth
Bandwidth
Unlimited
10Ge-KVM-SSD 8192 Linux

115.5 /mo

/mo

Billed annually

wKVM-SSD 8192

-10%

CPU
CPU
6 Xeon Cores
RAM
RAM
8 GB
Space
Space
100 GB SSD
Bandwidth
Bandwidth
Unlimited
wKVM-SSD 8192 Windows

28.44 /mo

/mo

Billed annually

KVM-SSD 32768 Metered

-10%

CPU
CPU
8 Xeon Cores
RAM
RAM
32 GB
Space
Space
200 GB SSD
Bandwidth
Bandwidth
12 TB
KVM-SSD 32768 Metered Linux

150 /mo

/mo

Billed annually

KVM-HDD HK 2048

-10%

CPU
CPU
4 Xeon Cores
RAM
RAM
2 GB
Space
Space
60 GB HDD
Bandwidth
Bandwidth
300 Gb
KVM-HDD HK 2048 Linux

6.19 /mo

/mo

Billed annually

DDoS Protected SSD-wKVM 8192

-15%

CPU
CPU
6 Xeon Cores
RAM
RAM
8 GB
Space
Space
100 GB SSD
Bandwidth
Bandwidth
80 Mbps
DDoS Protected SSD-wKVM 8192 Windows

101 /mo

/mo

Billed annually

MT5 KVM 8192

-10%

CPU
CPU
6 Xeon Cores
RAM
RAM
8 GB
Space
Space
100 GB SSD
Bandwidth
Bandwidth
Unlimited
MT5 KVM 8192 Windows

29.99 /mo

/mo

Billed annually

aiKVM-NVMe 4096

-10%

CPU
CPU
4 Epyc Cores
RAM
RAM
4 GB
Space
Space
50 GB NVMe
Bandwidth
Bandwidth
Unlimited
aiKVM-NVMe 4096 Linux

16.58 /mo

/mo

Billed annually

Other articles on this topic

Intel Begins Massive Restructuring Amid $2.9B Quarterly Loss
Intel Begins Massive Restructuring Amid $2.9B Quarterly Loss
An EPYC Christmas sale and the results of 2021!
An EPYC Christmas sale and the results of 2021!
Record-Breaking DDoS Attack Hits 37.4 TB in Just 45 Seconds
Record-Breaking DDoS Attack Hits 37.4 TB in Just 45 Seconds
Intel Begins Massive Restructuring Amid $2.9B Quarterly Loss
Intel Begins Massive Restructuring Amid $2.9B Quarterly Loss
An EPYC Christmas sale and the results of 2021!
An EPYC Christmas sale and the results of 2021!
Record-Breaking DDoS Attack Hits 37.4 TB in Just 45 Seconds
Record-Breaking DDoS Attack Hits 37.4 TB in Just 45 Seconds
cookie

Accept cookies & privacy policy?

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we'll assume that you are happy to receive all cookies on the HostZealot website.

Privacy Policy Terms of Service