Blog

GitLab shares GitHub’s vulnerability to hosting malware

watch 42s
views 2

15:22, 23.04.2024

GitLab proved to be also vulnerable to GitHub’s vulnerability to posting malware with the help of URL addresses connected to Microsoft repositories.

The vulnerability is related to the comment feature, where one can attach links with a unique URL address in the following format: https://www.github.com/{project_user}/{repo_name}/files/{file_id}/{file_name}» .

The links may be generated while creating a commit comment for repositories of popular and reputable projects and then remain active even in the case the comment hasn’t been published.

The users can attach any files creating a download link for them, and cyber attackers discovered that they can use the feature for sharing malware.

The same vulnerability has been detected in GitLab CDN where links have the following format: https://gitlab.com/{project_group_namr}/{repo_name}/uploads/{file_id}/{file_name}.

Share

Was this article helpful to you?

VPS popular offers

See all products

KVM-SSD 2048 Metered

-29.4%

CPU
CPU
4 Xeon Cores
RAM
RAM
2 GB
Space
Space
30 GB SSD
Bandwidth
Bandwidth
2 TB
KVM-SSD 2048 Metered Linux

17 /mo

/mo

Billed annually

DDoS Protected SSD-KVM 1024

-15.6%

CPU
CPU
3 Xeon Cores
RAM
RAM
1 GB
Space
Space
20 GB SSD
Bandwidth
Bandwidth
30 Mbps
DDoS Protected SSD-KVM 1024 Linux

38 /mo

/mo

Billed annually

10Ge-KVM-SSD 4096

-10%

CPU
CPU
4 Xeon Cores
RAM
RAM
4 GB
Space
Space
50 GB SSD
Bandwidth
Bandwidth
Unlimited
10Ge-KVM-SSD 4096 Linux

60.5 /mo

/mo

Billed annually

10Ge-KVM-SSD 16384

-10%

CPU
CPU
6 Xeon Cores
RAM
RAM
16 GB
Space
Space
150 GB SSD
Bandwidth
Bandwidth
Unlimited
10Ge-KVM-SSD 16384 Linux

231 /mo

/mo

Billed annually

wKVM-NVMe 32768

-9.5%

CPU
CPU
8 Epyc Cores
RAM
RAM
32 GB
Space
Space
200 GB NVMe
Bandwidth
Bandwidth
Unlimited
wKVM-NVMe 32768 Windows

74.49 /mo

/mo

Billed annually

wKVM-NVMe 2048

-10%

CPU
CPU
3 Epyc Cores
RAM
RAM
2 GB
Space
Space
25 GB NVMe
Bandwidth
Bandwidth
Unlimited
wKVM-NVMe 2048 Windows

9.9 /mo

/mo

Billed annually

wKVM-SSD 32768 Metered

-9.6%

CPU
CPU
8 Xeon Cores
RAM
RAM
32 GB
Space
Space
200 GB SSD
Bandwidth
Bandwidth
12 TB
wKVM-SSD 32768 Metered Windows

156 /mo

/mo

Billed annually

wKVM-SSD 16384

-9.3%

CPU
CPU
6 Xeon Cores
RAM
RAM
16 GB
Space
Space
150 GB SSD
Bandwidth
Bandwidth
Unlimited
wKVM-SSD 16384 Windows

53.99 /mo

/mo

Billed annually

wKVM-HDD 1024

-5%

CPU
CPU
3 Xeon Cores
RAM
RAM
1 GB
Space
Space
40 GB HDD
Bandwidth
Bandwidth
Unlimited
wKVM-HDD 1024 Windows

12.1 /mo

/mo

Billed annually

DDoS Protected SSD-KVM 16384

-10.2%

CPU
CPU
6 Xeon Cores
RAM
RAM
16 GB
Space
Space
150 GB SSD
Bandwidth
Bandwidth
100 Mbps
DDoS Protected SSD-KVM 16384 Linux

123 /mo

/mo

Billed semiannually

Other articles on this topic

Radeon RX 9060 XT: AMD Reveals Mid-Range GPU With PCIe 5.0 and Up to 16GB of Memory
Radeon RX 9060 XT: AMD Reveals Mid-Range GPU With PCIe 5.0 and Up to 16GB of Memory
OpenStack vs VMware: an Open-Source Solution vs. a Proprietary Platform
OpenStack vs VMware: an Open-Source Solution vs. a Proprietary Platform
An EPYC Christmas sale and the results of 2021!
An EPYC Christmas sale and the results of 2021!
Radeon RX 9060 XT: AMD Reveals Mid-Range GPU With PCIe 5.0 and Up to 16GB of Memory
Radeon RX 9060 XT: AMD Reveals Mid-Range GPU With PCIe 5.0 and Up to 16GB of Memory
OpenStack vs VMware: an Open-Source Solution vs. a Proprietary Platform
OpenStack vs VMware: an Open-Source Solution vs. a Proprietary Platform
An EPYC Christmas sale and the results of 2021!
An EPYC Christmas sale and the results of 2021!
cookie

Accept cookies & privacy policy?

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we'll assume that you are happy to receive all cookies on the HostZealot website.

Privacy Policy Terms of Service