FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

GitLab -- Patch Release: 16.10.2, 16.9.4, 16.8.6

Affected packages
16.10.0 <= gitlab-ce < 16.10.2
16.9.0 <= gitlab-ce < 16.9.4
gitlab-ce < 16.8.6

Details

VuXML ID dad6294c-f7c1-11ee-bb77-001b217b3468
Discovery 2024-04-10
Entry 2024-04-11

GitLab reports:

Stored XSS injected in diff viewer

Stored XSS via autocomplete results

Redos on Integrations Chat Messages

Redos During Parse Junit Test Report

References

CVE Name CVE-2023-6489
CVE Name CVE-2023-6678
CVE Name CVE-2024-2279
CVE Name CVE-2024-3092
URL https://about.gitlab.com/releases/2024/04/10/patch-release-gitlab-16-10-2-released/