FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

GitLab -- Vulnerabilities

Affected packages
17.0.0 <= gitlab-ce < 17.0.2
16.11.0 <= gitlab-ce < 16.11.4
5.1 <= gitlab-ce < 16.10.7
17.0.0 <= gitlab-ee < 17.0.2
16.11.0 <= gitlab-ee < 16.11.4
5.1 <= gitlab-ee < 16.10.7

Details

VuXML ID 92cd1c03-2940-11ef-bc02-001b217b3468
Discovery 2024-06-12
Entry 2024-06-13

GitLab reports:

ReDoS in gomod dependency linker

ReDoS in CI interpolation (fix bypass)

ReDoS in Asana integration issue mapping when webhook is called

XSS and content injection when viewing raw XHTML files on iOS devices

Missing agentk request validation could cause KAS to panic

References

CVE Name CVE-2024-1495
CVE Name CVE-2024-1736
CVE Name CVE-2024-1963
CVE Name CVE-2024-4201
CVE Name CVE-2024-5469
URL https://about.gitlab.com/releases/2024/06/12/patch-release-gitlab-17-0-2-released/