FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Gitlab -- Multiple Vulnerabilities

Affected packages
12.1.0	<=	gitlab-ce	<	12.1.6
12.0.0	<=	gitlab-ce	<	12.0.6
10.0.0	<=	gitlab-ce	<	11.11.8

Details

VuXML ID	ddd48087-bd86-11e9-b13f-001b217b3468
Discovery	2019-08-12
Entry	2019-08-13

Gitlab reports:

Insecure Authentication Methods Disabled for Grafana By Default

Multiple Command-Line Flag Injection Vulnerabilities

Insecure Cookie Handling on GitLab Pages

[source]

References

CVE Name	CVE-2019-14942
CVE Name	CVE-2019-14943
CVE Name	CVE-2019-14944
URL	https://about.gitlab.com/2019/08/12/critical-security-release-gitlab-12-dot-1-dot-6-released/