FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-01-14 21:31:10 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
4c8c2218-b120-11ee-90ec-001b217b3468	Gitlab -- vulnerabilities Gitlab reports: Account Takeover via Password Reset without user interactions Attacker can abuse Slack/Mattermost integrations to execute slash commands as another user Bypass CODEOWNERS approval removal Workspaces able to be created under different root namespace Commit signature validation ignores headers after signature Discovery 2024-01-11 Entry 2024-01-12 gitlab-ce >= 16.7.0 lt 16.7.2 >= 16.6.0 lt 16.6.4 >= 8.13.0 lt 16.5.6 CVE-2023-7028 CVE-2023-5356 CVE-2023-4812 CVE-2023-6955 CVE-2023-2030 https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/

VuXML ID

Description

4c8c2218-b120-11ee-90ec-001b217b3468

Gitlab -- vulnerabilities

Gitlab reports:

Account Takeover via Password Reset without user interactions

Attacker can abuse Slack/Mattermost integrations to execute slash commands as another user

Bypass CODEOWNERS approval removal

Workspaces able to be created under different root namespace

Commit signature validation ignores headers after signature

Discovery 2024-01-11
Entry 2024-01-12
gitlab-ce

>= 16.7.0 lt 16.7.2

>= 16.6.0 lt 16.6.4

>= 8.13.0 lt 16.5.6

CVE-2023-7028
CVE-2023-5356
CVE-2023-4812
CVE-2023-6955
CVE-2023-2030
https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/