FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Gitlab -- Multiple vulnerabilities

Affected packages
11.8.0 <= gitlab-ce < 11.8.1
11.7.0 <= gitlab-ce < 11.7.6
2.9.0 <= gitlab-ce < 11.6.10


VuXML ID 11292460-3f2f-11e9-adcb-001b217b3468
Discovery 2019-03-04
Entry 2019-03-05

Gitlab reports:

Arbitrary file read via MergeRequestDiff

CSRF add Kubernetes cluster integration

Blind SSRF in prometheus integration

Merge request information disclosure

IDOR milestone name information disclosure

Burndown chart information disclosure

Private merge request titles in public project information disclosure

Private namespace disclosure in email notification when issue is moved

Milestone name disclosure

Issue board name disclosure

NPM automatic package referencer

Path traversal snippet mover

Information disclosure repo existence

Issue DoS via Mermaid

Privilege escalation impersonate user


CVE Name CVE-2019-9170
CVE Name CVE-2019-9171
CVE Name CVE-2019-9172
CVE Name CVE-2019-9174
CVE Name CVE-2019-9175
CVE Name CVE-2019-9176
CVE Name CVE-2019-9178
CVE Name CVE-2019-9179
CVE Name CVE-2019-9217
CVE Name CVE-2019-9219
CVE Name CVE-2019-9220
CVE Name CVE-2019-9221
CVE Name CVE-2019-9222
CVE Name CVE-2019-9223
CVE Name CVE-2019-9224
CVE Name CVE-2019-9225
CVE Name CVE-2019-9485