GitLab

A critical vulnerability discovered in GitLab Community could enable an attacker to steal runner registration tokens.

The vulnerability announced in GitLab security advisory affects all versions.

If this vulnerability is exploited then an unauthorized user can steal runner registration tokens through an information disclosure vulnerability using quick actions commands.

Source: https://portswigger.net/daily-swig/critical-gitlab-vulnerability-could-allow-attackers-to-steal-runner-registration-tokens

"id": "GIT1372322",
"linkid": "gitlab-com",
"type": "Vulnerability",
"date": "03/2022",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"