Rapt00R

Name of the Vulnerable Software and Affected Versions: gitlab-vscode-extension versions 3.15.0 and earlier Description: The issue allows for client-side code execution, enabling an attacker to execute code on a user's system. Recommendations: For gitlab-vscode-extension versions 3.15.0 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** TP-Link TL-WR840N version 0.9.1 3.16 and earlier **Description** The issue concerns the traceroute function, which is vulnerable to remote code execution. This can be achieved by sending a crafted payload in an IP address input field. The vulnerability is related to insufficient input validation, allowing a remote attacker to execute arbitrary code using a specially crafted payload. **Recommendations** For TP-Link TL-WR840N version 0.9.1 3.16 and earlier, consider disabling the traceroute function until a patch is available to prevent potential exploitation. Restrict access to the router's IP address input field to minimize the risk of remote code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.