FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Gitlab -- vulnerabilities

Affected packages
16.8.0	<=	gitlab-ce	<	16.8.2
16.7.0	<=	gitlab-ce	<	16.7.5
13.3.0	<=	gitlab-ce	<	16.6.7

Details

VuXML ID	6b2cba6a-c6a5-11ee-97d0-001b217b3468
Discovery	2024-02-07
Entry	2024-02-08

Gitlab reports:

Restrict group access token creation for custom roles

Project maintainers can bypass group's scan result policy block_branch_modification setting

ReDoS in CI/CD Pipeline Editor while verifying Pipeline syntax

Resource exhaustion using GraphQL vulnerabilitiesCountByDay

[source]

References

CVE Name	CVE-2023-6386
CVE Name	CVE-2023-6840
CVE Name	CVE-2024-1066
CVE Name	CVE-2024-1250
URL	https://about.gitlab.com/releases/2024/02/07/security-release-gitlab-16-8-2-released/