Blog

GitLab shares GitHub’s vulnerability to hosting malware

watch 42s
views 2

15:22, 23.04.2024

GitLab proved to be also vulnerable to GitHub’s vulnerability to posting malware with the help of URL addresses connected to Microsoft repositories.

The vulnerability is related to the comment feature, where one can attach links with a unique URL address in the following format: https://www.github.com/{project_user}/{repo_name}/files/{file_id}/{file_name}» .

The links may be generated while creating a commit comment for repositories of popular and reputable projects and then remain active even in the case the comment hasn’t been published.

The users can attach any files creating a download link for them, and cyber attackers discovered that they can use the feature for sharing malware.

The same vulnerability has been detected in GitLab CDN where links have the following format: https://gitlab.com/{project_group_namr}/{repo_name}/uploads/{file_id}/{file_name}.

Share

Was this article helpful to you?

VPS popular offers

See all products

KVM-SSD 65536

sale

-15%

CPU
CPU
10 Xeon Cores
RAM
RAM
64 GB
Space
Space
300 GB SSD
Bandwidth
Bandwidth
Unlimited
KVM-SSD 65536 Linux

134.99 /mo

/mo

Billed monthly

KVM-HDD 8192

sale

-15%

CPU
CPU
6 Xeon Cores
RAM
RAM
8 GB
Space
Space
200 GB HDD
Bandwidth
Bandwidth
Unlimited
KVM-HDD 8192 Linux

25.25 /mo

/mo

Billed monthly

KVM-SSD 1024 Metered

sale

-26.7%

CPU
CPU
3 Xeon Cores
RAM
RAM
1 GB
Space
Space
20 GB SSD
Bandwidth
Bandwidth
1 TB
KVM-SSD 1024 Metered Linux

10 /mo

/mo

Billed annually

KVM-SSD 512 Metered

sale

-15.6%

CPU
CPU
2 Xeon Cores
RAM
RAM
512 MB
Space
Space
10 GB SSD
Bandwidth
Bandwidth
1 TB
KVM-SSD 512 Metered Linux

5.33 /mo

/mo

Billed annually

KVM-HDD 2048

sale

-14.9%

CPU
CPU
4 Xeon Cores
RAM
RAM
2 GB
Space
Space
60 GB HDD
Bandwidth
Bandwidth
Unlimited
KVM-HDD 2048 Linux

7.7 /mo

/mo

Billed semiannually

wKVM-HDD 4096

sale

-15%

CPU
CPU
4 Xeon Cores
RAM
RAM
4 GB
Space
Space
100 GB HDD
Bandwidth
Bandwidth
Unlimited
wKVM-HDD 4096 Windows

21 /mo

/mo

Billed semiannually

KVM-SSD 4096 HK

sale

-22.2%

CPU
CPU
4 Xeon Cores
RAM
RAM
4 GB
Space
Space
50 GB SSD
Bandwidth
Bandwidth
300 GB
KVM-SSD 4096 HK Linux

33 /mo

/mo

Billed annually

KVM-NVMe 1024

sale

-14.9%

CPU
CPU
2 Epyc Cores
RAM
RAM
1 GB
Space
Space
10 GB NVMe
Bandwidth
Bandwidth
Unlimited
KVM-NVMe 1024 Linux

7.1 /mo

/mo

Billed semiannually

KVM-SSD 4096 Metered

sale

-24.7%

CPU
CPU
4 Xeon Cores
RAM
RAM
4 GB
Space
Space
50 GB SSD
Bandwidth
Bandwidth
4 TB
KVM-SSD 4096 Metered Linux

31 /mo

/mo

Billed annually

10Ge-KVM-SSD 16384

sale

-15%

CPU
CPU
6 Xeon Cores
RAM
RAM
16 GB
Space
Space
150 GB SSD
Bandwidth
Bandwidth
Unlimited
10Ge-KVM-SSD 16384 Linux

231 /mo

/mo

Billed monthly

Other articles on this topic

Amazon's Bold Move Towards Full Automation: 600,000 Jobs at Risk
Amazon's Bold Move Towards Full Automation: 600,000 Jobs at Risk
Joomla 5.2.2 release
Joomla 5.2.2 release
The support period of Ubuntu LTS releases 22.04 and 24.04 is increased to 10 years
The support period of Ubuntu LTS releases 22.04 and 24.04 is increased to 10 years
Amazon's Bold Move Towards Full Automation: 600,000 Jobs at Risk
Amazon's Bold Move Towards Full Automation: 600,000 Jobs at Risk
Joomla 5.2.2 release
Joomla 5.2.2 release
The support period of Ubuntu LTS releases 22.04 and 24.04 is increased to 10 years
The support period of Ubuntu LTS releases 22.04 and 24.04 is increased to 10 years
cookie

Accept cookies & privacy policy?

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we'll assume that you are happy to receive all cookies on the HostZealot website.

Privacy Policy Terms of Service