FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Gitlab -- Multiple vulnerabilities

Affected packages
11.10.0 <= gitlab-ce < 11.10.2
11.9.0 <= gitlab-ce < 11.9.10
6.0.0 <= gitlab-ce < 11.8.9

Details

VuXML ID 1138b39e-6abb-11e9-a685-001b217b3468
Discovery 2019-04-29
Entry 2019-04-29

Gitlab reports:

Moving an Issue to Private Repo Leaks Project Namespace

Notification Emails Sent to Restricted Users

Unauthorized Comments on Confidential Issues

Merge Request Approval Count Inflation

Unsanitized Branch Names on New Merge Request Notification Emails

Improper Sanitation of Credentials in Gitaly

[source]

References

CVE Name CVE-2019-11544
CVE Name CVE-2019-11545
CVE Name CVE-2019-11546
CVE Name CVE-2019-11547
CVE Name CVE-2019-11548
CVE Name CVE-2019-11549
URL https://about.gitlab.com/2019/04/29/security-release-gitlab-11-dot-10-dot-2-released/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.