FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Gitlab -- Multiple Vulnerabilities

Affected packages
12.1.0 <= gitlab-ce < 12.1.2
12.0.0 <= gitlab-ce < 12.0.4
8.9.0 <= gitlab-ce < 11.11.7

Details

VuXML ID 1cd89254-b2db-11e9-8001-001b217b3468
Discovery 2019-07-29
Entry 2019-07-30

Gitlab reports:

GitHub Integration SSRF

Trigger Token Impersonation

Build Status Disclosure

SSRF Mitigation Bypass

Information Disclosure New Issue ID

IDOR Label Name Enumeration

Persistent XSS Wiki Pages

User Revokation Bypass with Mattermost Integration

Arbitrary File Upload via Import Project Archive

Information Disclosure Vulnerability Feedback

Persistent XSS via Email

Denial Of Service Epic Comments

Email Verification Bypass

Override Merge Request Approval Rules

[source]

References

URL https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.