advisories.gitlab.com

Backlink analytics and domain authority

Backlinks

All Dofollow Nofollow UGC DR ▾ Ref. domains ▾ + Add filter

30 backlinks All New Lost

Referring page	DR	Ref. domains	Linked domains	Anchor and target URL
cve-bin-tool https://pypi.org/project/cve-bin-tool pypi.org	83	4,028	30	Gitlab Advisory Database (GAD) https://advisories.gitlab.com/ NOFOLLOW
GHSA-5qw5-wf2q-f538 https://rubysec.com/advisories/GHSA-5qw5-wf2q-f538 rubysec.com	67	11	124	https://advisories.gitlab.com/pkg/gem/activerecord-jdbc-adapter/GHSA-5qw5-wf2q-f538 https://advisories.gitlab.com/pkg/gem/activerecord-jdbc-adapter/GHSA-5qw5-wf2q-f538 DOFOLLOW
GHSA-mpwp-4h2m-765c https://osv.dev/vulnerability/GHSA-mpwp-4h2m-765c osv.dev	58	66	582	https://advisories.gitlab.com/pkg/gem/activejob/OSVDB-112347 https://advisories.gitlab.com/pkg/gem/activejob/OSVDB-112347 DOFOLLOW
CVE-2025-25204 https://feedly.com/cve/CVE-2025-25204 feedly.com	88	41,958	1,201	`gh attestation verify` returns incorrect exit code during verification if no attestations are presentHome on GitLab Advisory Database / 11moA bug in GitHub's Artifact Attestation CLI tool, gh attestation verify, may return an incorrect zero exit status when no matching attestations are found for the specified –predicate-type or the default https://slsa.dev/provenance/v1 if not specified. This issue only arises if an artifact has an attestation with a predicate type different from the one provided in https://advisories.gitlab.com/pkg/golang/github.com/cli/cli/v2/CVE-2025-25204?utm_source=feedly DOFOLLOW
CVE-2025-25204 https://feedly.com/cve/CVE-2025-25204 feedly.com	88	41,958	1,201	`gh attestation verify` returns incorrect exit code during verification if no attestations are presentHome on GitLab Advisory Database / 11moA bug in GitHub's Artifact Attestation CLI tool, gh attestation verify, may return an incorrect zero exit status when no matching attestations are found for the specified –predicate-type or the default https://slsa.dev/provenance/v1 if not specified. This issue only arises if an artifact has an attestation with a predicate type different from the one provided in https://advisories.gitlab.com/pkg/golang/github.com/cli/cli/v2/CVE-2025-25204?utm_source=feedly DOFOLLOW
feedly.com	88	41,958	1,201	org.xwiki.platform:xwiki-platform-security-requiredrights-default required rights analysis doesn't consider TextAreas with default content typeHome on GitLab Advisory Database / 9moWhen editing a page, XWiki warns since version 15.9 when there is content on the page like a script macro that would gain more rights due to the editing. This analysis doesn't consider certain kinds of properties, allowing a user to put malicious scripts in there that will be executed after a user with script, admin, or DOFOLLOW
gitlab_advisory_database https://docs.gitlab.com/user/application_security/gitlab_advisory_database docs.gitlab.com	80	1,154	104	GitLab advisory database https://advisories.gitlab.com/ DOFOLLOW
trivy.dev	69	56	152	here https://advisories.gitlab.com/ DOFOLLOW
CVE-2024-53388 https://feedly.com/cve/CVE-2024-53388 feedly.com	88	41,958	1,201	mavo DOM Clobbering vulnerabilityHome on GitLab Advisory Database / 11moA DOM Clobbering vulnerability in mavo v0.3.2 allows attackers to execute arbitrary code via supplying a crafted HTML element. https://advisories.gitlab.com/pkg/npm/mavo/CVE-2024-53388?utm_source=feedly DOFOLLOW
vulnerabilidad-critica-cve-2026-22709-escape-de-sandbox-e... https://csirt.gob.bo/es/alertas-de-seguridad/vulnerabilidad-critica-cve-2026-22709-escape-de-sandbox-en-vm2 csirt.gob.bo	12	1	50	Gitlab https://advisories.gitlab.com/pkg/npm/vm2/CVE-2026-22709?utm_source=chatgpt.com DOFOLLOW
CVE-2025-24794 https://feedly.com/cve/CVE-2025-24794 feedly.com	88	41,958	1,201	snowflake-connector-python vulnerable to insecure deserialization of the OCSP response cacheHome on GitLab Advisory Database / 12moCVE-2025-24794: snowflake-connector-python vulnerable to insecure deserialization of the OCSP response cache Snowflake released version 3.13.1 of the Snowflake Connector for Python, which fixes this issue. https://advisories.gitlab.com/pkg/pypi/snowflake-connector-python/CVE-2025-24794?utm_source=feedly DOFOLLOW
CVE-2023-25309 https://rubysec.com/advisories/CVE-2023-25309 rubysec.com	67	11	124	https://advisories.gitlab.com/pkg/gem/rollout-ui/CVE-2023-25309 https://advisories.gitlab.com/pkg/gem/rollout-ui/CVE-2023-25309 DOFOLLOW
容器 https://tonybai.com/tag/%E5%AE%B9%E5%99%A8 tonybai.com	54	18	372	https://advisories.gitlab.com/pkg/golang/github.com/containerd/containerd/v2/CVE-2025-64329/ https://advisories.gitlab.com/pkg/golang/github.com/containerd/containerd/v2/CVE-2025-64329 DOFOLLOW
CVE-2023-43632 https://feedly.com/cve/CVE-2023-43632 feedly.com	88	41,958	1,201	EVE Freely Allocates Buffer on The Stack With Data From SocketHome on GitLab Advisory Database / 2dVTPM server listens on port 8877, exposing limited TPM functionality. The server reads 4 bytes as a uint32 size header, then allocates that amount on the stack for incoming data. This allows Denial of Service attacks against the vTPM service. An workload (a container or VM) running on EVE-OS can use this to generate a DOS against the vTPM service. https://advisories.gitlab.com/pkg/golang/github.com/lf-edge/eve/CVE-2023-43632?utm_source=feedly DOFOLLOW
CVE-2025-46735 https://feedly.com/cve/CVE-2025-46735 feedly.com	88	41,958	1,201	Terraform WinDNS Provider improperly sanitizes input variables in `windns_record`Home on GitLab Advisory Database / 9moImpact: A security issue has been found in terraform-provider-windns before version 1.0.5. The windns_record resource did not santize the input variables. This can lead to authenticated command injection in the underlyding powershell command prompt. Patches: https://advisories.gitlab.com/pkg/golang/github.com/nrkno/terraform-provider-windns/CVE-2025-46735?utm_source=feedly DOFOLLOW
CVE-2024-5138 https://feedly.com/cve/CVE-2024-5138 feedly.com	88	41,958	1,201	CVE-2024-5138: snapd snapctl auth bypassHome on GitLab Advisory Database / 12moA snap with prior permissions to create a mount entry on the host, such as firefox, normally uses the permission from one of the per-snap hook programs. A unprivileged users cannot normally trigger that behaviour by using snap run –shell firefox followed by snapctl mount, since snapd validates the requesting user identity (root or non-root). The issue allows unprivileged users to bypass that check by crafting a malicious comman https://advisories.gitlab.com/pkg/golang/github.com/snapcore/snapd/CVE-2024-5138?utm_source=feedly DOFOLLOW
CVE-2025-43915 https://feedly.com/cve/CVE-2025-43915 feedly.com	88	41,958	1,201	Linkerd resource exhaustion vulnerabilityHome on GitLab Advisory Database / 9moIn Buoyant Edge releases before edge-25.2.1 and Enterprise for Linkerd releases 2.16.* before 2.16.5, 2.17.* before 2.17.2, and 2.18.* before 2.18.0, resource exhaustion can occur for Linkerd proxy metrics. https://advisories.gitlab.com/pkg/golang/github.com/linkerd/linkerd2/CVE-2025-43915?utm_source=feedly DOFOLLOW
_index.md https://labs.etsi.org/rep/help/user/application_security/gitlab_advisory_database/_index.md labs.etsi.org	53	4	11	GitLab Advisory Database https://advisories.gitlab.com/ NOFOLLOW
timing-phantom-attack-recovering-private-keys-for-lost-bi... https://key3.ru/timing-phantom-attack-recovering-private-keys-for-lost-bitcoin-wallets-a-critical-vulnerability-with-the-time-morse-technique-and-the-threat-of-a-timing-side-channel key3.ru	8	2	1,437	。 advisories.gitlab https://advisories.gitlab.com/pkg/cargo/libsecp256k1/CVE-2019-25003 DOFOLLOW
CVE-2024-9056 https://feedly.com/cve/CVE-2024-9056 feedly.com	88	41,958	1,201	BentoML Denial of Service (DoS) via Multipart BoundaryHome on GitLab Advisory Database / 10moBentoML version v1.3.4post1 is vulnerable to a Denial of Service (DoS) attack. The vulnerability can be exploited by appending characters, such as dashes (-), to the end of a multipart boundary in an HTTP request. This causes the server to continuously process each character, leading to excessive resource consumption and rendering the service unavailable. The issue is unauthenticated and does not require any user in https://advisories.gitlab.com/pkg/pypi/bentoml/CVE-2024-9056?utm_source=feedly DOFOLLOW
CVE-2020-26311 https://feedly.com/cve/CVE-2020-26311 feedly.com	88	41,958	1,201	useragent Regular Expression Denial of Service vulnerabilityHome on GitLab Advisory Database / 15moUseragent is a user agent parser for Node.js. All versions as of time of publication contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). https://advisories.gitlab.com/pkg/npm/useragent/CVE-2020-26311?utm_source=feedly DOFOLLOW
CVE-2025-65875 https://cvetodo.com/cve/CVE-2025-65875 cvetodo.com	7	1	191	CVE-2024-56520 https://advisories.gitlab.com/pkg/composer/tecnickcom/tc-lib-pdf-font/CVE-2024-56520 DOFOLLOW
russ.cloud	18	1	14	GitLab Advisory (GMS-2025-498) NOFOLLOW
CVE-2024-57602 https://feedly.com/cve/CVE-2024-57602 feedly.com	88	41,958	1,201	Easy!Appointments Improper Restriction of Excessive Authentication AttemptsHome on GitLab Advisory Database / 11moAn issue in Alex Tselegidis EasyAppointments v.1.5.0 allows a remote attacker to escalate privileges via the index.php file. https://advisories.gitlab.com/pkg/composer/alextselegidis/easyappointments/CVE-2024-57602?utm_source=feedly DOFOLLOW
OSVDB-112347 https://rubysec.com/advisories/OSVDB-112347 rubysec.com	67	11	124	Vendor Advisory https://advisories.gitlab.com/pkg/gem/activejob/OSVDB-112347 DOFOLLOW
OSVDB-114854 https://rubysec.com/advisories/OSVDB-114854 rubysec.com	67	11	124	https://advisories.gitlab.com/pkg/gem/activerecord-jdbc-adapter/OSVDB-2013-02-25 https://advisories.gitlab.com/pkg/gem/activerecord-jdbc-adapter/OSVDB-2013-02-25 DOFOLLOW
shadows-of-time-attack-a-critical-ecc-timing-vulnerabilit... https://key3.ru/shadows-of-time-attack-a-critical-ecc-timing-vulnerability-in-bitcoin-leading-to-private-key-recovery-and-the-hacking-of-lost-wallets key3.ru	8	2	1,437	https://advisories.gitlab.com/pkg/composer/mdanter/ecc/CVE-2024-33851/ https://advisories.gitlab.com/pkg/composer/mdanter/ecc/CVE-2024-33851 DOFOLLOW
hacktoberfest https://gitlab.com/explore/projects/topics/hacktoberfest gitlab.com	85	10,164	143	https://advisories.gitlab.com https://advisories.gitlab.com/ NOFOLLOW
GHSA-mpwp-4h2m-765c https://rubysec.com/advisories/GHSA-mpwp-4h2m-765c rubysec.com	67	11	124	https://advisories.gitlab.com/pkg/gem/activejob/OSVDB-112347 https://advisories.gitlab.com/pkg/gem/activejob/OSVDB-112347 DOFOLLOW
GHSA-mpwp-4h2m-765c https://rubysec.com/advisories/GHSA-mpwp-4h2m-765c rubysec.com	67	11	124	https://advisories.gitlab.com/pkg/gem/activejob/GHSA-mpwp-4h2m-765c https://advisories.gitlab.com/pkg/gem/activejob/GHSA-mpwp-4h2m-765c DOFOLLOW

▾

Frequently Asked Questions

How many backlinks does advisories.gitlab.com have?

The backlinks page for advisories.gitlab.com shows all individual inbound links discovered in our crawl of the web. Each backlink represents a hyperlink on another website that points to a page on advisories.gitlab.com. Use the filters to narrow results by dofollow/nofollow status, domain rating, or anchor text.

What is a backlink?

A backlink is a hyperlink on one website that points to a page on a different website. Backlinks are one of the most important ranking factors in search engine algorithms because they act as votes of confidence from other sites. The more high-quality backlinks a domain has, the more authority search engines assign to it.

Are the backlinks to advisories.gitlab.com dofollow or nofollow?

Backlinks to advisories.gitlab.com include both dofollow and nofollow links. Dofollow links pass link equity (ranking power) to the target site, while nofollow links include a rel="nofollow" attribute that tells search engines not to pass authority. Both types contribute to a natural backlink profile, but dofollow links carry more SEO weight. You can filter by link type using the rel filter above the table.

How often is backlink data updated?

Backlink data is updated monthly when our web crawler completes a new cycle. Our pipeline processes billions of web pages to discover new backlinks, track lost links, and update domain authority scores. The freshness of data depends on when our crawler last visited the referring pages.