{"vulnerability": "CVE-2024-0402", "sightings": [{"uuid": "774bdec1-c6a8-4613-9bfb-e69c9b878809", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0402", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6534", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-0402 Gitlab arbitrary file write/RCE\nURL\uff1ahttps://github.com/ch4nui/CVE-2024-0402-RCE\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-01-31T20:16:09.000000Z"}, {"uuid": "d5e4b7b9-980e-4ec2-8a56-cc40ebdb00d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0402", "type": "seen", "source": "Telegram/huzGMqWbWtvpmXqYFwTwkxQT_QEP0CzTdeRN3nnXG71yiA", "content": "", "creation_timestamp": "2024-01-30T17:38:58.000000Z"}, {"uuid": "78527ddd-37c4-4ec3-b158-62bee53e4d70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0402", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/362", "content": "Hackers could write ANY file on your GitLab server while creating a workspace. This critical flaw (CVE-2024-0402) affects all versions before 16.5.8! \n \nPatch NOW. Details here \u2192 https://thehackernews.com/2024/01/urgent-upgrade-gitlab-critical.html", "creation_timestamp": "2024-01-30T17:23:40.000000Z"}, {"uuid": "a8853531-b94d-4af4-a999-4553d6ad93f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0402", "type": "seen", "source": "https://t.me/cyberden_team/493", "content": "\ud83d\udca5\u0421\u0430\u043c\u044b\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 CVE \u0437\u0430 \u044f\u043d\u0432\u0430\u0440\u044c 2024 \u0433\u043e\u0434\u0430\n\n\u0412 \u044d\u0442\u043e\u0439 \u043f\u043e\u0434\u0431\u043e\u0440\u043a\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u0441\u0430\u043c\u044b\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430 \u044f\u043d\u0432\u0430\u0440\u044c 2024 \u0433\u043e\u0434\u0430:\n\nCVE-2024-23897\nCVE-2024-0402 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.9\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-0204 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-0230 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a02.4\u00a0\u0431\u0430\u043b\u043b\u0430.\nCVE-2024-20253 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.9\u00a0\u0431\u0430\u043b\u043b\u0430.\nCVE-2024-20272 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a07.3\u00a0\u0431\u0430\u043b\u043b\u0430.\nCVE-2024-21591 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-0200 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-0507 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a08.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-21737 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a09.1\u00a0\u0431\u0430\u043b\u043b\u0430.\nCVE-2024-21672 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a08.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-21673 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a08.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-21674 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a07.5\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-22197 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a08.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.\nCVE-2024-22198 - \u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u00a0\u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014\u00a08.8\u00a0\u0431\u0430\u043b\u043b\u043e\u0432.", "creation_timestamp": "2024-02-12T11:59:05.000000Z"}, {"uuid": "85a71458-a195-4222-a511-c4fc04f10499", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0402", "type": "seen", "source": "https://t.me/true_secator/5356", "content": "GitLab \u0432\u043d\u043e\u0432\u044c \u0440\u0430\u043f\u043e\u0440\u0442\u0443\u0435\u0442 \u043e\u0431 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0438 \u043d\u043e\u0432\u043e\u0439 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Community Edition (CE) \u0438 Enterprise Edition (EE) \u043f\u043e\u0441\u043b\u0435 \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0439 10-\u0442\u0438 \u0431\u0430\u043b\u044c\u043d\u043e\u0439 CVE-2023-7028.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2024-0402 \u0438 \u0438\u043c\u0435\u0435\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9,9 \u0438\u0437 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0445 10.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u043e\u0442 16.0 \u0434\u043e 16.5.8, \u043e\u0442 16.6 \u0434\u043e 16.6.6, \u043e\u0442 16.7 \u0434\u043e 16.7.4 \u0438 \u043e\u0442 16.8 \u0434\u043e 16.8.1.\n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0432 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043c\u0435\u0441\u0442\u0430 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 GitLab \u043f\u0440\u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0438 \u0440\u0430\u0431\u043e\u0447\u0435\u0439 \u043e\u0431\u043b\u0430\u0441\u0442\u0438.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0430, \u0447\u0442\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 \u0431\u044b\u043b\u0438 \u043f\u0435\u0440\u0435\u043d\u0435\u0441\u0435\u043d\u044b \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 16.5.8, 16.6.6, 16.7.4 \u0438 16.8.1.\n\n\u0422\u0430\u043a\u0436\u0435 GitLab \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0447\u0435\u0442\u044b\u0440\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a DoS \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u0439 (ReDoS), \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044e HTML \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0433\u043e \u0430\u0434\u0440\u0435\u0441\u0430 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u043e\u0439 \u043f\u043e\u0447\u0442\u044b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0447\u0435\u0440\u0435\u0437 RSS-\u043a\u0430\u043d\u0430\u043b \u0442\u0435\u0433\u043e\u0432.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u0447\u0442\u043e\u0431\u044b \u0441\u043d\u0438\u0437\u0438\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0440\u0438\u0441\u043a\u0438.\n\n\u0412 \u0441\u0440\u0435\u0434\u0430\u0445 GitLab.com \u0438 GitLab Dedicated \u0443\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u044f\u044f \u0432\u0435\u0440\u0441\u0438\u044f.", "creation_timestamp": "2024-01-31T10:52:17.000000Z"}, {"uuid": "362fba36-c207-4c8e-a816-0f7e845cbed7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0402", "type": "seen", "source": "https://t.me/thehackernews/4478", "content": "Hackers could write ANY file on your GitLab server while creating a workspace. This critical flaw (CVE-2024-0402) affects all versions before 16.5.8! \n \nPatch NOW. Details here \u2192 https://thehackernews.com/2024/01/urgent-upgrade-gitlab-critical.html", "creation_timestamp": "2024-01-30T17:21:56.000000Z"}, {"uuid": "334a8b9f-b8b2-4ec4-91f2-b59b9dce6363", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0402", "type": "seen", "source": "https://t.me/xakep_ru/15318", "content": "GitLab \u043f\u0430\u0442\u0447\u0438\u0442 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443, \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u044e\u0449\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f GitLab \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 Community Edition (CE) \u0438 Enterprise Edition (EE). \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0437\u0430\u043f\u0438\u0441\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u043f\u0440\u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u0438 \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432\u0430.\n\nhttps://xakep.ru/2024/01/31/gitlab-cve-2024-0402/", "creation_timestamp": "2024-01-31T16:47:39.000000Z"}, {"uuid": "edd459b8-0fb4-4020-bc35-cf711e24fc69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0402", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11946", "content": "#Red_Team_Tactics\n1. Dumping lsass without mimikatz with the exfiltration of the data using FAKE ntp packets\nhttps://github.com/Aur3ns/lsassStealer\n2. Bypassing Windows Defender Application Control with Loki C2\nhttps://securityintelligence.com/x-force/bypassing-windows-defender-application-control-loki-c2\n3. Exploiting CVE-2024-0402 in GitLab\nhttps://blog.doyensec.com/index.html", "creation_timestamp": "2025-03-20T10:49:13.000000Z"}, {"uuid": "5eef3203-3112-44ce-9197-de181bb10f3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0402", "type": "seen", "source": "https://bsky.app/profile/r-netsec.bsky.social/post/3lkns6ihg4s2v", "content": "", "creation_timestamp": "2025-03-18T13:39:33.363067Z"}, {"uuid": "263396f0-8068-41c8-b22a-a2e3339891b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0402", "type": "seen", "source": "https://bsky.app/profile/jurassiquehack.bsky.social/post/3lkoa6z4xps2a", "content": "", "creation_timestamp": "2025-03-18T17:50:23.495052Z"}, {"uuid": "98514279-2a04-447a-bafe-220db95981be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0402", "type": "seen", "source": "https://bsky.app/profile/axcheron.bsky.social/post/3lkoa7uogqs2a", "content": "", "creation_timestamp": "2025-03-18T17:50:52.068965Z"}, {"uuid": "1d2c75d2-d8f2-421a-be69-b9feb26532d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0402", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3llgbavccff2k", "content": "", "creation_timestamp": "2025-03-28T07:13:13.944612Z"}, {"uuid": "a9a35da4-31ce-4c86-a190-83085cc32a96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0402", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3lljtaopiba23", "content": "", "creation_timestamp": "2025-03-29T17:13:13.522462Z"}, {"uuid": "e27affcb-18a0-468a-96c3-6f2153adaedf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0402", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-09-10T07:47:58.000000Z"}, {"uuid": "bc504247-e8d9-456f-b458-64eb49c84ac5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0402", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-08-10T18:27:44.000000Z"}, {"uuid": "a066363a-b3f1-48d5-8364-0e016396e4eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0402", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/4239", "content": "\u041d\u0430\u0448\u0430 \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u0430\u044f \u0440\u0443\u0431\u0440\u0438\u043a\u0430\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u044f\u0435\u043c \u0433\u0438\u0442\u043b\u0430\u0431\u0447\u0438\u043a\u0438 \ud83d\udc85\ud83d\udc85\ud83d\udc85\n\n\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u044b \u043a\u043e\u0440\u0440\u0435\u043a\u0442\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b \u0434\u043b\u044f \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e\u0439 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 - GitLab 16.8.1, 16.7.4, 16.6.6 \u0438 16.5.8, \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u044b 5 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439. \u041e\u0434\u043d\u043e\u0439 \u0438\u0437 \u043f\u0440\u043e\u0431\u043b\u0435\u043c (CVE-2024-0402), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u0440\u043e\u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 GitLab 16.0, \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044e \u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0432 \u043b\u044e\u0431\u043e\u0439 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435, \u043d\u0430\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u044d\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u043f\u0440\u0430\u0432\u0430 \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u043f\u043e\u0434 \u043a\u043e\u0442\u043e\u0440\u044b\u043c\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u0442\u0441\u044f web-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 GitLab.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u043e\u0448\u0438\u0431\u043a\u043e\u0439 \u0432 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0440\u0430\u0431\u043e\u0447\u0438\u0445 \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0441\u0442\u0432 (workspace). \u041e\u0448\u0438\u0431\u043a\u0430 \u043f\u0440\u043e\u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043f\u0440\u0438 \u0440\u0430\u0437\u0431\u043e\u0440\u0435 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043e\u0432 devfile, \u0437\u0430\u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u043c \u0444\u043e\u0440\u043c\u0430\u0442\u0435 YAML (\u0432 \u043f\u0430\u0442\u0447\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0440\u0435\u0448\u0435\u043d\u0430 \u043f\u0440\u0435\u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c YAML \u0432 JSON \u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u043d\u0430\u043b\u0438\u0447\u0438\u044f \u043a\u043e\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0439, \u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u044b\u0445 \u0432 YAML, \u043d\u043e \u043d\u0435\u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c\u044b\u0445 \u0432 JSON \u0438\u0437-\u0437\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0451\u043d\u043d\u044b\u0445 Unicode-\u0441\u0438\u043c\u0432\u043e\u043b\u043e\u0432). \u0414\u0435\u0442\u0430\u043b\u044c\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043b\u0430\u043d\u0438\u0440\u0443\u044e\u0442 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u0447\u0435\u0440\u0435\u0437 30 \u0434\u043d\u0435\u0439 \u043f\u043e\u0441\u043b\u0435 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0430 \u0432 \u0445\u043e\u0434\u0435 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0435\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u043e\u0434\u043d\u0438\u043c \u0438\u0437 \u0441\u043e\u0442\u0440\u0443\u0434\u043d\u0438\u043a\u043e\u0432 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 GitLab.\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 GitLab, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0432 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435\nhttps://www.opennet.ru/opennews/art.shtml?num=60498\n+\n\u041e\u0440\u0438\u0433\u0438\u043d\u0430\u043b\nhttps://about.gitlab.com/releases/2024/01/25/critical-security-release-gitlab-16-8-1-released/#arbitrary-file-write-while-creating-workspace\n\nIssue https://gitlab.com/gitlab-org/gitlab/-/issues/437819, \u043d\u043e \u043e\u043d\u0430 \u0432 \u043f\u0440\u0438\u0432\u0430\u0442\u043d\u043e\u043c \u0440\u0435\u0436\u0438\u043c\u0435.", "creation_timestamp": "2024-01-26T12:46:40.000000Z"}, {"uuid": "1fb93592-d142-4ce8-b1c1-1778ee3123db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0402", "type": "seen", "source": "https://t.me/kasperskyb2b/1125", "content": "\u041d\u0435\u0434\u0435\u043b\u044c\u043a\u0430 \u0432\u044b\u0434\u0430\u043b\u0430\u0441\u044c \u0442\u0430\u043a\u0430\u044f, \u0447\u0442\u043e \u043f\u043e\u0442 \u0431\u0443\u0434\u0435\u0442 \u0442\u0435\u0447\u044c \u0435\u0449\u0451 \u043c\u0435\u0441\u044f\u0446 \ud83d\uddff\n\n4\ufe0f\u20e3 \u0427\u0435\u0442\u044b\u0440\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 runc \u0438 BuildKit \u043f\u0440\u0438\u043d\u0435\u0441\u0443\u0442 \u043c\u043d\u043e\u0433\u043e \u0433\u043e\u043b\u043e\u0432\u043d\u043e\u0439 \u0431\u043e\u043b\u0438, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0442\u0440\u0435\u0431\u0443\u044e\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0430 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043d\u044b\u0445 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440, \u043e \u0447\u0451\u043c \u043c\u044b \u0443\u0436\u0435 \u043f\u0438\u0441\u0430\u043b\u0438.\n\n\u2699\ufe0f \u0410 \u0435\u0441\u043b\u0438 \u0443 \u0432\u0430\u0441 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0435\u0449\u0451 \u0438 GitLab, \u0442\u043e \u0437\u0430\u043e\u0434\u043d\u043e \u043f\u0440\u0438\u0434\u0451\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c \u0438 \u0435\u0433\u043e, \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u043a\u0440\u044b\u0442\u044c CVE-2024-0402 \u0441\u043e \u0441\u043a\u0440\u043e\u043c\u043d\u044b\u043c CVSS 9.9. \u041e\u0448\u0438\u0431\u043a\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043a\u0430\u043a Community, \u0442\u0430\u043a \u0438 Enterprise edition.\n\n\ud83d\ude0a \u041d\u0443 \u0438 \u0447\u0442\u043e\u0431\u044b \u043e\u043a\u043e\u043d\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0434\u043e\u0431\u0438\u0442\u044c \u0434\u0435\u0432\u043e\u043f\u0441\u043e\u0432, \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u043f\u043e\u043b\u0442\u043e\u0440\u044b \u043d\u0435\u0434\u0435\u043b\u0438 \u043d\u0430\u0437\u0430\u0434 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Jenkins (CVE-2024-23897, CVSS 7.5), \u043f\u043e\u044f\u0432\u0438\u043b\u0438\u0441\u044c \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0438 \u043e\u0442\u043c\u0435\u0447\u0435\u043d\u044b \u043f\u0435\u0440\u0432\u044b\u0435 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438.\n\n\ud83d\udd0e \u0410\u0432\u0442\u043e\u0440\u044b Anydesk, \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0433\u043e \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043f\u0440\u0438\u0437\u043d\u0430\u043b\u0438\u0441\u044c, \u0447\u0442\u043e \u0441\u0442\u0430\u043b\u0438 \u0436\u0435\u0440\u0442\u0432\u043e\u0439 \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0438. \u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0435\u0439 \u043c\u0430\u043b\u043e, \u043d\u043e \u043f\u043e\u043d\u044f\u0442\u043d\u043e, \u0447\u0442\u043e \u0430\u0442\u0430\u043a\u0430 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u0430\u044f \u2014 \u0432\u044b\u0437\u0432\u0430\u043b\u0438 \u043a\u0430\u0432\u0430\u043b\u0435\u0440\u0438\u044e \u041a\u0440\u0430\u0443\u0434\u0441\u0442\u0440\u0430\u0439\u043a, \u043f\u043e\u043c\u0435\u043d\u044f\u043b\u0438 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u044b. \u041a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0443\u0441\u043f\u043e\u043a\u0430\u0438\u0432\u0430\u044e\u0442 \u043f\u0440\u043e\u0441\u0442\u043e\u0434\u0443\u0448\u043d\u043e: \u00ab\u041c\u044b \u043c\u043e\u0436\u0435\u043c \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u044c, \u0447\u0442\u043e \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u044f \u043f\u043e\u0434 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0435\u043c \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c AnyDesk \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e. \u0423\u0431\u0435\u0434\u0438\u0442\u0435\u0441\u044c, \u0447\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0435 \u0441\u0432\u0435\u0436\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u0441 \u043d\u043e\u0432\u044b\u043c \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u043c \u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u043a\u043e\u0434\u0430\u00bb. \u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u041f\u041e \u044d\u0442\u043e\u0433\u043e \u043a\u043b\u0430\u0441\u0441\u0430, \u043a\u0430\u043a \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0435 \u0442\u0430\u043a \u0438 \u043e\u0431\u044b\u0447\u043d\u043e\u0435, \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u0442\u0441\u044f \u0432 \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0430\u0445 \u0438 \u043c\u043e\u0448\u0435\u043d\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0441\u0445\u0435\u043c\u0430\u0445, \u043d\u0438\u0447\u0435\u0433\u043e \u0445\u043e\u0440\u043e\u0448\u0435\u0433\u043e \u0436\u0434\u0430\u0442\u044c \u043d\u0435 \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u0442\u0441\u044f.\n\n\ud83d\udc6e\u200d\u2640\ufe0f \u0421\u0438\u0442\u0443\u0430\u0446\u0438\u044f \u0441 \u0437\u0438\u0440\u043e\u0434\u0435\u044f\u043c\u0438 \u0432 VPN-\u0440\u0435\u0448\u0435\u043d\u0438\u044f\u0445 Ivanti (Connect Secure \u0438 Policy Secure)   \u043d\u0430\u043a\u0430\u043b\u0438\u043b\u0430\u0441\u044c \u0434\u043e \u0442\u0430\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438, \u0447\u0442\u043e \u0430\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0441\u043a\u0430\u044f CISA \u0432\u0435\u043b\u0435\u043b\u0430 \u0433\u043e\u0441\u0443\u0447\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f\u043c \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0432 \u0442\u0435\u0447\u0435\u043d\u0438\u0435 \u0434\u0432\u0443\u0445 \u0434\u043d\u0435\u0439. \u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c \u0441\u0430\u043c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043f\u043e\u043b\u043d\u044b\u0439 \u0441\u0431\u0440\u043e\u0441 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0441 \u043d\u0430\u043a\u0430\u0442\u044b\u0432\u0430\u043d\u0438\u0435\u043c \u0437\u0430\u0432\u043e\u0434\u0441\u043a\u0438\u0445 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043a. \u041a \u0441\u0447\u0430\u0441\u0442\u044c\u044e, \u0432 \u043d\u0430\u0448\u0438\u0445 \u0448\u0438\u0440\u043e\u0442\u0430\u0445 \u044d\u0442\u043e \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e\u0435 \u0438\u0437\u0434\u0435\u043b\u0438\u0435 Ivanti \u043f\u043e\u0447\u0442\u0438 \u043d\u0435  \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f (\u0432 \u043e\u0442\u043b\u0438\u0447\u0438\u0435 \u043e\u0442 MobileIron, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u0440\u0430\u0437 \u0434\u044b\u0440\u044b \u043b\u0430\u0442\u0430\u043b\u0438 \u0432 \u0430\u0432\u0433\u0443\u0441\u0442\u0435).\n\n\ud83d\udee1 Cloudflare \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u043e\u0431\u0440\u0430\u0437\u0446\u043e\u0432\u044b\u0439 \u043e\u0442\u0447\u0451\u0442 \u043e\u0431 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0435, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u043c \u0432 \u043d\u043e\u044f\u0431\u0440\u0435 2023 \u0433\u043e\u0434\u0430. \u041f\u043e\u043b\u044c\u0437\u0443\u044f\u0441\u044c \u043e\u043a\u0442\u044f\u0431\u0440\u044c\u0441\u043a\u0438\u043c \u0432\u0437\u043b\u043e\u043c\u043e\u043c Okta, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u043c\u043e\u0433\u043b\u0438 \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u0443\u0442\u044c \u0432 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443 Cloudflare \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0438\u0445 Confluence, Jira \u0438 Bitbucket. \u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0430\u0432\u0442\u043e\u0440\u043e\u0432 \u043e\u0442\u0447\u0451\u0442\u0430, zero-trust \u0430\u0440\u0445\u0438\u0442\u0435\u043a\u0442\u0443\u0440\u0430 \u0438 \u043e\u0431\u0449\u0438\u0439 \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441 \u043c\u0435\u0440 \u0418\u0411 \u043f\u043e\u043c\u0435\u0448\u0430\u043b\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0433\u043b\u0443\u0431\u0436\u0435 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443, \u043f\u043e\u0445\u0438\u0442\u0438\u0442\u044c \u043a\u0430\u043a\u0438\u0435-\u043b\u0438\u0431\u043e \u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u043b\u0438 \u0432\u043d\u0435\u0441\u0442\u0438 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e \u0441\u0435\u0442\u0438. \u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u044d\u0442\u043e, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u043e\u0442\u0440\u0430\u0442\u0438\u043b\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 3 \u043c\u0435\u0441\u044f\u0446\u0430 \u043d\u0430 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u044b\u0439 \u0445\u0430\u0440\u0434\u0435\u043d\u0438\u043d\u0433, \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443 \u0432\u0441\u0435\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0438 \u0437\u0430\u043c\u0435\u043d\u0443 \u0432\u0441\u0435\u0445 \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u043e\u0440\u043e\u0436\u043d\u043e\u0441\u0442\u0438. \u0411\u0443\u0434\u0435\u043c \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u0442\u044c.\n\n\ud83e\udd14 \u0422\u0435\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0435\u043c \u043a\u0442\u043e-\u0442\u043e \u0432\u044b\u043b\u043e\u0436\u0438\u043b \u043d\u0430 Github \u0442\u043e\u043d\u043d\u044b \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0435\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 Binance, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u0435 \u043a\u043e\u0434\u044b, \u043f\u0430\u0440\u043e\u043b\u0438 \u0438 \u043c\u043d\u043e\u0433\u043e\u0435 \u0434\u0440\u0443\u0433\u043e\u0435.  \u041e\u043d\u043e \u043b\u0435\u0436\u0430\u043b\u043e \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0435 \u0438 Binance \u0441\u043c\u043e\u0433\u043b\u0438 \u0443\u0434\u0430\u043b\u0438\u0442\u044c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0442\u043e\u043b\u044c\u043a\u043e \u0447\u0435\u0440\u0435\u0437 \u043a\u043e\u043f\u0438\u0440\u0430\u0439\u0442\u043d\u0443\u044e \u0436\u0430\u043b\u043e\u0431\u0443. \u041a\u0442\u043e \u0437\u0430 \u044d\u0442\u043e \u0432\u0440\u0435\u043c\u044f \u0435\u0451 \u0441\u043a\u0430\u0447\u0430\u043b, \u0438 \u043a\u0430\u043a \u0431\u0443\u0434\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u2014 \u0443\u0437\u043d\u0430\u0435\u043c \u0447\u0435\u0440\u0435\u0437 \u0433\u043e\u0434\u0438\u043a, \u043d\u043e \u0442\u0435\u043c, \u0443 \u043a\u043e\u0433\u043e \u0432 Binance \u043b\u0435\u0436\u0430\u0442 \u043a\u0440\u0438\u043f\u0442\u043e\u0430\u043a\u0442\u0438\u0432\u044b, \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e, \u0437\u0430\u0445\u043e\u0447\u0435\u0442\u0441\u044f \u0438\u0445 \u043f\u0435\u0440\u0435\u043b\u043e\u0436\u0438\u0442\u044c \u043f\u043e\u0440\u0430\u043d\u044c\u0448\u0435. \ud83e\udd2a\n\n\ud83d\udc68\u200d\ud83d\udcbb \u0422\u0435\u043f\u0435\u0440\u044c \u043c\u043e\u0436\u043d\u043e \u0434\u043b\u044f \u0443\u0441\u043f\u043e\u043a\u043e\u0435\u043d\u0438\u044f \u043f\u043e\u0447\u0438\u0442\u0430\u0442\u044c APT-\u043e\u0442\u0447\u0451\u0442\u044b.\n\n1\ufe0f\u20e3 \u041a\u0440\u0438\u043f\u0442\u043e\u043c\u0430\u0439\u043d\u0438\u043d\u0433\u043e\u0432\u044b\u0435 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u0432\u0441\u0451 \u043c\u043d\u043e\u0436\u0430\u0442\u0441\u044f. Commando Cat \u0430\u0442\u0430\u043a\u0443\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b Docker, HeadCrab 2.0 \u0446\u0435\u043b\u0438\u0442\u0441\u044f \u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u044b Redis.\n\n\ud83d\udcac \u0410\u043d\u0430\u043b\u0438\u0437 USB-\u0438\u043c\u043f\u043b\u0430\u043d\u0442\u0430 \u043e\u0442  UNC4990,  \u0444\u0438\u043d\u0430\u043d\u0441\u043e\u0432\u043e \u043c\u043e\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438, \u043f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u043e\u0440\u0443\u0434\u0443\u044e\u0449\u0435\u0439 \u0432 \u0415\u0432\u0440\u043e\u043f\u0435.\n\n\ud83d\udfe1 \u0410 \u0432 \u0420\u043e\u0441\u0441\u0438\u0438 \u0444\u0438\u0448\u0438\u043d\u0433 \u0438 \u0438\u043d\u0444\u043e\u0441\u0442\u0438\u043b\u0435\u0440\u044b \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u044e\u0442\u0441\u044f \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u044b\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u043e\u0439 Scaly Wolf.\n\n\u0421\u0443\u0434\u044f \u043f\u043e \u0442\u0440\u0435\u0432\u043e\u0436\u043d\u044b\u043c \u0440\u0435\u043b\u044f\u0446\u0438\u044f\u043c UA-CERT, \u0412\u041f\u041e PurpleFOX/DirtyMoe, \u0440\u0430\u043d\u0435\u0435 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u043e\u0435 \u043f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0432 \u041a\u0438\u0442\u0430\u0435, \u043d\u0430\u0447\u0430\u043b\u043e \u043f\u043e\u0431\u0435\u0434\u043d\u043e\u0435 \u0448\u0435\u0441\u0442\u0432\u0438\u0435 \u043f\u043e \u0434\u0440\u0443\u0433\u0438\u043c \u0447\u0430\u0441\u0442\u044f\u043c \u043a\u043e\u043d\u0442\u0438\u043d\u0435\u043d\u0442\u0430. \u042d\u0442\u043e \u043d\u0435\u043c\u043e\u043b\u043e\u0434\u043e\u0439, \u043d\u043e \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0435\u043c\u044b\u0439 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 \u043a\u043e\u043c\u043c\u0435\u0440\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0431\u043e\u0442\u043d\u0435\u0442\u0430, \u0438\u043c\u0435\u044e\u0449\u0438\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0440\u0443\u0442\u043a\u0438\u0442\u0430 \u0438 \u0441\u0430\u043c\u043e\u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f. \u042d\u0432\u043e\u043b\u044e\u0446\u0438\u044f \u0412\u041f\u041e \u043d\u0435\u043f\u043b\u043e\u0445\u043e \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0430 (1, 2, 3).\n\n\ud83d\uddc4 \u0421\u0435\u0440\u0432\u0435\u0440\u043d\u044b\u0439 P2P-\u0431\u043e\u0442\u043d\u0435\u0442 FritzFrog, \u0440\u0430\u043d\u0435\u0435 \u0440\u0430\u0437\u043c\u043d\u043e\u0436\u0430\u0432\u0448\u0438\u0439\u0441\u044f \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u0431\u0440\u0443\u0442\u0444\u043e\u0440\u0441\u043e\u043c SSH, \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0441\u044f \u0438 \u0441\u0442\u0430\u043b \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c Log4shell.\n\n#\u0434\u0430\u0439\u0434\u0436\u0435\u0441\u0442 #APT @\u041f2\u0422", "creation_timestamp": "2024-02-05T09:10:19.000000Z"}, {"uuid": "312eb387-d4a2-4c40-a186-95c6d264ddd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0402", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/3406", "content": "Hackers could write ANY file on your GitLab server while creating a workspace. This critical flaw (CVE-2024-0402) affects all versions before 16.5.8! \n \nPatch NOW. Details here \u2192 https://thehackernews.com/2024/01/urgent-upgrade-gitlab-critical.html", "creation_timestamp": "2024-01-30T17:23:40.000000Z"}, {"uuid": "5ac9a1a7-ec9d-42b2-a0b7-5074b745a967", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0402", "type": "seen", "source": "https://t.me/arpsyndicate/3294", "content": "#ExploitObserverAlert\n\nCVE-2024-0402\n\nDESCRIPTION: Exploit Observer has 4 entries in 3 file formats related to CVE-2024-0402. An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1 which allows an authenticated user to write files to arbitrary locations on the GitLab server while creating a workspace.", "creation_timestamp": "2024-01-28T13:16:07.000000Z"}, {"uuid": "8878a37e-be7a-4f3e-b00c-b1ed903076c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0402", "type": "seen", "source": "https://t.me/ctinow/173953", "content": "https://ift.tt/8NCo51U\nCVE-2024-0402", "creation_timestamp": "2024-01-26T02:26:35.000000Z"}, {"uuid": "f039cf18-1ea3-4e07-84e5-c65aceda2fda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0402", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lkqgpxk4qk2a", "content": "", "creation_timestamp": "2025-03-19T14:52:34.176983Z"}, {"uuid": "13aee47c-dcb6-406a-b690-42e7b712d783", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0402", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1216", "content": "", "creation_timestamp": "2024-01-31T04:00:00.000000Z"}, {"uuid": "d13f8e2a-7a87-49b8-b620-c765599445b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0402", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_07/2024", "content": "", "creation_timestamp": "2024-02-02T10:35:00.000000Z"}, {"uuid": "c31296d7-f6c2-474b-a074-6274a43a3ac7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0402", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/438", "content": "Top Security News for Today\n\nAuditing language models for hidden objectives  \nhttps://arxiv.org/abs/2503.10965\n\nCombinatorial Optimization for All: Using LLMs to Aid Non-Experts in Improving Optimization Algorithms  \nhttps://arxiv.org/abs/2503.10968\n\nIs Security Human Factors Research Skewed Towards Western Ideas and Habits?  \nhttps://www.schneier.com/blog/archives/2025/03/is-security-human-factors-research-skewed-towards-western-ideas-and-habits.html\n\nLearn how an out-of-bounds write vulnerability in the Linux kernel can be exploited to achieve an LPE (CVE-2025-0927)  \nhttps://www.reddit.com/r/netsec/comments/1je3w9o/learn_how_an_outofbounds_write_vulnerability_in/\n\nWhat is Bundesamt f\u00fcr Sicherheit in der Informationstechnik (BSI)?  \nhttps://www.tripwire.com/state-of-security/what-is-bundesamt-fur-sicherheit-in-der-informationstechnik-bsi\n\nArbitrary File Write CVE-2024-0402 in GitLab (Exploit)  \nhttps://www.reddit.com/r/netsec/comments/1je4j6r/arbitrary_file_write_cve20240402_in_gitlab_exploit/\n\nSAML roulette: the hacker always wins  \nhttps://www.reddit.com/r/netsec/comments/1je8f1h/saml_roulette_the_hacker_always_wins/\n\nAI innovation requires AI security: Hear what\u2019s new at Microsoft Secure  \nhttps://techcommunity.microsoft.com/blog/microsoft-security-blog/ai-innovation-requires-ai-security-hear-what%e2%80%99s-new-at-microsoft-secure/4394130\n\nFollow Top Cyber News at https://t.me/TopCyberTechNews Feel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2025-03-19T09:30:20.000000Z"}, {"uuid": "4b4ec63b-e5df-460e-a49a-ed2d17c1f359", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0402", "type": "seen", "source": "https://t.me/KomunitiSiber/1416", "content": "URGENT: Upgrade GitLab - Critical Workspace Creation Flaw Allows File Overwrite\nhttps://thehackernews.com/2024/01/urgent-upgrade-gitlab-critical.html\n\nGitLab once again released fixes to address a critical security flaw in its Community Edition (CE) and Enterprise Edition (EE) that could be exploited to write arbitrary files while creating a\u00a0workspace.\nTracked as\u00a0CVE-2024-0402, the vulnerability has a CVSS score of 9.9 out of a maximum of 10.\n\"An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 prior to", "creation_timestamp": "2024-01-30T18:27:39.000000Z"}, {"uuid": "93448500-2b7b-4140-846d-d8515d4329e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0402", "type": "seen", "source": "https://t.me/ctinow/175898", "content": "https://ift.tt/dDvRcat\nSelf-managed GitLab installations should be patched again (CVE-2024-0402)", "creation_timestamp": "2024-01-30T13:36:42.000000Z"}, {"uuid": "42d0a527-799e-4cd4-8339-ac5f0524bad1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0402", "type": "seen", "source": "https://t.me/ctinow/174171", "content": "https://ift.tt/0su8rKn\nGitLab Arbitrary File Write Vulnerability (CVE-2024-0402) Alert", "creation_timestamp": "2024-01-26T11:56:47.000000Z"}, {"uuid": "936772cc-d7cc-4f73-9d8b-2ab09bb6f8c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0402", "type": "seen", "source": "Telegram/3NqZXiINYKkYnrowRjvrmNF1xeNstsLY6H82fFAajnJfFKw", "content": "", "creation_timestamp": "2024-01-31T18:18:51.000000Z"}, {"uuid": "d40aa8e3-2c64-431f-99bc-067a4fce8eee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-0402", "type": "seen", "source": "https://bsky.app/profile/r-netsec-bot.bsky.social/post/3lknqpgsrfy2k", "content": "", "creation_timestamp": "2025-03-18T13:13:14.632564Z"}]}