GitLab -- Vulnerabilities

Affected packages
13.11.0 <= gitlab-ce < 13.11.2
13.10.0 <= gitlab-ce < 13.10.4
11.6.0 <= gitlab-ce < 13.9.7


VuXML ID 518a119c-a864-11eb-8ddb-001b217b3468
Discovery 2021-04-28
Entry 2021-04-28

GitLab reports:

Read API scoped tokens can execute mutations

Pull mirror credentials were exposed

Denial of Service when querying repository branches API

Non-owners can set system_note_timestamp when creating / updating issues

DeployToken will impersonate a User with the same ID when using Dependency Proxy


CVE Name CVE-2021-22206
CVE Name CVE-2021-22208
CVE Name CVE-2021-22209
CVE Name CVE-2021-22210
CVE Name CVE-2021-22211