GitLab shares GitHub’s vulnerability to hosting malware

watch 42s
views 2

15:22, 23.04.2024

GitLab proved to be also vulnerable to GitHub’s vulnerability to posting malware with the help of URL addresses connected to Microsoft repositories.

The vulnerability is related to the comment feature, where one can attach links with a unique URL address in the following format: https://www.github.com/{project_user}/{repo_name}/files/{file_id}/{file_name}» .

The links may be generated while creating a commit comment for repositories of popular and reputable projects and then remain active even in the case the comment hasn’t been published.

The users can attach any files creating a download link for them, and cyber attackers discovered that they can use the feature for sharing malware.

The same vulnerability has been detected in GitLab CDN where links have the following format: https://gitlab.com/{project_group_namr}/{repo_name}/uploads/{file_id}/{file_name}.

Share

Was this article helpful to you?

1 users find this article useful

VPS popular offers

-10%

CPU
CPU
3 Xeon Cores
RAM
RAM
1 GB
Space
Space
40 GB HDD
Bandwidth
Bandwidth
Unlimited
KVM-HDD 1024 Linux

6.1 /mo

/mo

Billed annually

-26.7%

CPU
CPU
3 Xeon Cores
RAM
RAM
1 GB
Space
Space
20 GB SSD
Bandwidth
Bandwidth
1 TB
KVM-SSD 1024 Metered Linux

10 /mo

/mo

Billed annually

-24.4%

CPU
CPU
2 Xeon Cores
RAM
RAM
1 GB
Space
Space
20 GB SSD
Bandwidth
Bandwidth
300 GB
KVM-SSD 1024 HK Linux

13 /mo

/mo

Billed annually

-10%

CPU
CPU
6 Xeon Cores
RAM
RAM
8 GB
Space
Space
200 GB HDD
Bandwidth
Bandwidth
Unlimited
KVM-HDD 8192 Linux

25.25 /mo

/mo

Billed annually

-10.2%

CPU
CPU
4 Xeon Cores
RAM
RAM
2 GB
Space
Space
60 GB HDD
Bandwidth
Bandwidth
300 Gb
KVM-HDD HK 2048 Linux

6.4 /mo

/mo

Billed annually

-9.7%

CPU
CPU
10 Xeon Cores
RAM
RAM
64 GB
Space
Space
300 GB SSD
Bandwidth
Bandwidth
Unlimited
wKVM-SSD 65536 Windows

138.99 /mo

/mo

Billed annually

-4.6%

CPU
CPU
3 Xeon Cores
RAM
RAM
1 GB
Space
Space
40 GB HDD
Bandwidth
Bandwidth
300 Gb
wKVM-HDD HK 1024 Windows

10.54 /mo

/mo

Billed annually

-10%

CPU
CPU
4 Xeon Cores
RAM
RAM
2 GB
Space
Space
30 GB SSD
Bandwidth
Bandwidth
Unlimited
KVM-SSD 2048 Linux

8.3 /mo

/mo

Billed annually

-10%

CPU
CPU
6 Xeon Cores
RAM
RAM
8 GB
Space
Space
100 GB SSD
Bandwidth
Bandwidth
Unlimited
KVM-SSD 8192 Linux

25.85 /mo

/mo

Billed annually

-10%

CPU
CPU
6 Epyc Cores
RAM
RAM
8 GB
Space
Space
100 GB NVMe
Bandwidth
Bandwidth
Unlimited
KVM-NVMe 8192 Linux

26.35 /mo

/mo

Billed annually

Other articles on this topic

cookie

Accept cookies & privacy policy?

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we'll assume that you are happy to receive all cookies on the HostZealot website.