Blog

GitLab shares GitHub’s vulnerability to hosting malware

watch 42s
views 2

15:22, 23.04.2024

GitLab proved to be also vulnerable to GitHub’s vulnerability to posting malware with the help of URL addresses connected to Microsoft repositories.

The vulnerability is related to the comment feature, where one can attach links with a unique URL address in the following format: https://www.github.com/{project_user}/{repo_name}/files/{file_id}/{file_name}» .

The links may be generated while creating a commit comment for repositories of popular and reputable projects and then remain active even in the case the comment hasn’t been published.

The users can attach any files creating a download link for them, and cyber attackers discovered that they can use the feature for sharing malware.

The same vulnerability has been detected in GitLab CDN where links have the following format: https://gitlab.com/{project_group_namr}/{repo_name}/uploads/{file_id}/{file_name}.

Share

Was this article helpful to you?

VPS popular offers

See all products

KVM-HDD 4096

-10%

CPU
CPU
4 Xeon Cores
RAM
RAM
4 GB
Space
Space
100 GB HDD
Bandwidth
Bandwidth
Unlimited
KVM-HDD 4096 Linux

15 /mo

/mo

Billed annually

wKVM-SSD 32768 Metered

-9.6%

CPU
CPU
8 Xeon Cores
RAM
RAM
32 GB
Space
Space
200 GB SSD
Bandwidth
Bandwidth
12 TB
wKVM-SSD 32768 Metered Windows

156 /mo

/mo

Billed annually

KVM-SSD 2048 Metered

-29.4%

CPU
CPU
4 Xeon Cores
RAM
RAM
2 GB
Space
Space
30 GB SSD
Bandwidth
Bandwidth
2 TB
KVM-SSD 2048 Metered Linux

17 /mo

/mo

Billed annually

DDoS Protected SSD-KVM 4096

-16.2%

CPU
CPU
4 Xeon Cores
RAM
RAM
4 GB
Space
Space
50 GB SSD
Bandwidth
Bandwidth
60 Mbps
DDoS Protected SSD-KVM 4096 Linux

67 /mo

/mo

Billed annually

wKVM-HDD HK 4096

-4.5%

CPU
CPU
4 Xeon Cores
RAM
RAM
4 GB
Space
Space
100 GB HDD
Bandwidth
Bandwidth
300 Gb
wKVM-HDD HK 4096 Windows

17.03 /mo

/mo

Billed annually

KVM-SSD 16384 Metered

-20.5%

CPU
CPU
6 Xeon Cores
RAM
RAM
16 GB
Space
Space
150 GB SSD
Bandwidth
Bandwidth
10 TB
KVM-SSD 16384 Metered Linux

95 /mo

/mo

Billed annually

KVM-HDD 16384

-10%

CPU
CPU
6 Xeon Cores
RAM
RAM
16 GB
Space
Space
400 GB HDD
Bandwidth
Bandwidth
Unlimited
KVM-HDD 16384 Linux

50 /mo

/mo

Billed annually

KVM-SSD 8192 Metered

-20.5%

CPU
CPU
6 Xeon Cores
RAM
RAM
8 GB
Space
Space
100 GB SSD
Bandwidth
Bandwidth
8 TB
KVM-SSD 8192 Metered Linux

57 /mo

/mo

Billed annually

Keitaro KVM 65536

-10%

CPU
CPU
10 Epyc Cores
RAM
RAM
64GB
Space
Space
400 GB NVMe
Bandwidth
Bandwidth
Unlimited
Keitaro KVM 65536
OS
CentOS
Software
Software
Keitaro

149.04 /mo

/mo

Billed annually

wKVM-NVMe 16384

-9.3%

CPU
CPU
6 Epyc Cores
RAM
RAM
16 GB
Space
Space
150 GB NVMe
Bandwidth
Bandwidth
Unlimited
wKVM-NVMe 16384 Windows

54.49 /mo

/mo

Billed annually

Other articles on this topic

Black Friday at HostZealot
Black Friday at HostZealot
China Turns Away From Nvidia as Homegrown AI Chips Gain Ground
China Turns Away From Nvidia as Homegrown AI Chips Gain Ground
Donald Trump called on Intel's CEO to resign
Donald Trump called on Intel's CEO to resign
Black Friday at HostZealot
Black Friday at HostZealot
China Turns Away From Nvidia as Homegrown AI Chips Gain Ground
China Turns Away From Nvidia as Homegrown AI Chips Gain Ground
Donald Trump called on Intel's CEO to resign
Donald Trump called on Intel's CEO to resign
cookie

Accept cookies & privacy policy?

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we'll assume that you are happy to receive all cookies on the HostZealot website.

Privacy Policy Terms of Service