FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Gitlab -- Arbitrary File read in GitLab project import with Git LFS

Affected packages
11.5.0	<=	gitlab-ce	<	11.5.4
11.4.0	<=	gitlab-ce	<	11.4.11
11.0.0	<=	gitlab-ce	<	11.4.0

Details

VuXML ID	757e6ee8-ff91-11e8-a148-001b217b3468
Discovery	2018-12-13
Entry	2018-12-14

Gitlab reports:

Arbitrary File read in GitLab project import with Git LFS

[source]

References

CVE Name	CVE-2018-20144
URL	https://about.gitlab.com/2018/12/13/critical-security-release-gitlab-11-dot-5-dot-4-released/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.