FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Gitlab -- Multiple vulnerabilities

Affected packages
13.9.0 <= gitlab-ce < 13.9.4
13.8.0 <= gitlab-ce < 13.8.6
13.2.0 <= gitlab-ce < 13.7.9

Details

VuXML ID 50e59056-87f2-11eb-b6a2-001b217b3468
Discovery 2021-03-17
Entry 2021-03-18

Gigtlab reports:

Remote code execution via unsafe user-controlled markdown rendering options

References

URL https://about.gitlab.com/releases/2021/03/17/security-release-gitlab-13-9-4-released/