FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Gitlab -- Multiple vulnerabilities

Affected packages
13.10.0 <= gitlab-ce < 13.10.1
13.9.0 <= gitlab-ce < 13.9.5
9 <= gitlab-ce < 13.8.7


VuXML ID 56abf87b-96ad-11eb-a218-001b217b3468
Discovery 2021-03-31
Entry 2021-04-06

Gitlab reports:

Arbitrary File Read During Project Import

Kroki Arbitrary File Read/Write

Stored Cross-Site-Scripting in merge requests

Access data of an internal project through a public project fork as an anonymous user

Incident metric images can be deleted by any user

Infinite Loop When a User Access a Merge Request

Stored XSS in scoped labels

Admin CSRF in System Hooks Execution Through API

Update OpenSSL dependency

Update PostgreSQL dependency