FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

GitLab -- Vulnerabilities

Affected packages
16.5.0 <= gitlab-ce < 16.5.1
16.4.0 <= gitlab-ce < 16.4.2
11.6.0 <= gitlab-ce < 16.3.6

Details

VuXML ID a612c25f-788a-11ee-8d57-001b217b3468
Discovery 2023-10-31
Entry 2023-11-01

GitLab reports:

Disclosure of CI/CD variables using Custom project templates

GitLab omnibus DoS crash via OOM with CI Catalogs

Parsing gitlab-ci.yml with large string via timeout input leads to Denial of Service

DoS - Blocking FIFO files in Tar archives

Titles exposed by service-desk template

Approval on protected environments can be bypassed

Version information disclosure when super_sidebar_logged_out feature flag is enabled

Add abuse detection for search syntax filter pipes

References

CVE Name CVE-2023-3246
CVE Name CVE-2023-3399
CVE Name CVE-2023-3909
CVE Name CVE-2023-4700
CVE Name CVE-2023-5600
CVE Name CVE-2023-5825
CVE Name CVE-2023-5831
URL https://about.gitlab.com/releases/2023/10/31/security-release-gitlab-16-5-1-16-4-2-16-3-6-released/