FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-09-13 07:13:07 UTC

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID | Description
589de937-343f-11ef-8a7b-001b217b3468 | Gitlab -- Vulnerabilities

Gitlab reports:

  - Run pipelines as any user
  - Stored XSS injected in imported project's commit notes
  - CSRF on GraphQL API IntrospectionQuery
  - Remove search results from public projects with unauthorized repos
  - Cross window forgery in user application OAuth flow
  - Project maintainers can bypass group's merge request approval policy
  - ReDoS via custom built markdown page
  - Private job artifacts can be accessed by any user
  - Security fixes for banzai pipeline
  - ReDoS in dependency linker
  - Denial of service using a crafted OpenAPI file
  - Merge request title disclosure
  - Access issues and epics without having an SSO session
  - Non project member can promote key results to objectives

Discovery: 2024-06-26
Entry: 2024-06-27
Affected packages: gitlab-ce, gitlab-ee
Affected versions:
  >= 17.1.0, < 17.1.1
  >= 17.0.0, < 17.0.3
  >= 1.0.0, < 16.11.5
CVE references: CVE-2024-5655, CVE-2024-4901, CVE-2024-4994, CVE-2024-6323, CVE-2024-2177, CVE-2024-5430, CVE-2024-4025, CVE-2024-3959, CVE-2024-4557, CVE-2024-1493, CVE-2024-1816, CVE-2024-2191, CVE-2024-3115, CVE-2024-4011
Reference: https://about.gitlab.com/releases/2024/06/26/patch-release-gitlab-17-1-1-released/

92cd1c03-2940-11ef-bc02-001b217b3468 | Gitlab -- Vulnerabilities

Gitlab reports:

  - ReDoS in gomod dependency linker
  - ReDoS in CI interpolation (fix bypass)
  - ReDoS in Asana integration issue mapping when webhook is called
  - XSS and content injection when viewing raw XHTML files on iOS devices
  - Missing agentk request validation could cause KAS to panic

Discovery: 2024-06-12
Entry: 2024-06-13
Affected packages: gitlab-ce, gitlab-ee
Affected versions:
  >= 17.0.0, < 17.0.2
  >= 16.11.0, < 16.11.4
  >= 5.1, < 16.10.7
CVE references: CVE-2024-1495, CVE-2024-1736, CVE-2024-1963, CVE-2024-4201, CVE-2024-5469
Reference: https://about.gitlab.com/releases/2024/06/12/patch-release-gitlab-17-0-2-released/

b950a83b-789e-11e8-8545-d8cb8abf62dd | Gitlab -- multiple vulnerabilities

Gitlab reports:

  - Wiki XSS
  - Sanitize gem updates
  - XSS in url_for(params)
  - Content injection via username
  - Activity feed publicly displaying internal project names
  - Persistent XSS in charts

Discovery: 2018-06-25
Entry: 2018-06-25
Affected package: gitlab
Affected versions:
  >= 11.0.0, < 11.0.1
  >= 10.8.0, < 10.8.5
  >= 4.1, < 10.7.6
CVE references: CVE-2018-12606, CVE-2018-3740, CVE-2018-12605, CVE-2018-12607
Reference: https://about.gitlab.com/2018/06/25/security-release-gitlab-11-dot-0-dot-1-released/

fbc2c629-0dc5-11ef-9850-001b217b3468 | Gitlab -- vulnerabilities

Gitlab reports:

  - ReDoS in branch search when using wildcards
  - ReDoS in markdown render pipeline
  - ReDoS on Discord integrations
  - ReDoS on Google Chat Integration
  - Denial of Service Attack via Pin Menu
  - DoS by filtering tags and branches via the API
  - MR approval via CSRF in SAML SSO
  - Banned user from groups can read issues updates via the API
  - Require confirmation before linking JWT identity
  - View confidential issues title and description of any public project via export
  - SSRF via GitHub importer

Discovery: 2024-05-08
Entry: 2024-05-09
Affected packages: gitlab-ce, gitlab-ee
Affected versions:
  >= 16.11.0, < 16.11.2
  >= 16.10.0, < 16.10.5
  >= 10.6.0, < 16.9.7
CVE references: CVE-2024-2878, CVE-2024-2651, CVE-2023-6682, CVE-2023-6688, CVE-2024-2454, CVE-2024-4539, CVE-2024-4597, CVE-2024-1539, CVE-2024-1211, CVE-2024-3976, CVE-2023-6195
Reference: https://about.gitlab.com/releases/2024/05/08/patch-release-gitlab-16-11-2-released/

8fc615cc-8a66-11e8-8c75-d8cb8abf62dd | Gitlab -- Remote Code Execution Vulnerability in GitLab Projects Import

Gitlab reports:

  - Remote Code Execution Vulnerability in GitLab Projects Import

Discovery: 2018-07-17
Entry: 2018-07-18
Affected packages: gitlab-ce, gitlab
Affected versions:
  >= 11.0.0, < 11.0.4
  >= 10.8.0, < 10.8.6
  >= 8.9.0, < 10.7.7
CVE references: CVE-2018-14364
Reference: https://about.gitlab.com/2018/07/17/critical-security-release-gitlab-11-dot-0-dot-4-released/

b857606c-0266-11ef-8681-001b217b3468 | Gitlab -- vulnerabilities

Gitlab reports:

  - GitLab account takeover, under certain conditions, when using Bitbucket as an OAuth provider
  - Path Traversal leads to DoS and Restricted File Read
  - Unauthenticated ReDoS in FileFinder when using wildcard filters in project file search
  - Personal Access Token scopes not honoured by GraphQL subscriptions
  - Domain based restrictions bypass using a crafted email address

Discovery: 2024-04-24
Entry: 2024-04-24
Affected packages: gitlab-ce, gitlab-ee
Affected versions:
  >= 16.11.0, < 16.11.1
  >= 16.10.0, < 16.10.4
  >= 7.8.0, < 16.9.6
CVE references: CVE-2024-4024, CVE-2024-2434, CVE-2024-2829, CVE-2024-4006, CVE-2024-1347
Reference: https://about.gitlab.com/releases/2024/04/24/patch-release-gitlab-16-11-1-released/

9dfe61c8-4d15-11e8-8f2f-d8cb8abf62dd | Gitlab -- multiple vulnerabilities

GitLab reports:

  - Persistent XSS in Move Issue using project namespace
  - Download Archive allowing unauthorized private repo access
  - Mattermost Updates

Discovery: 2018-04-30
Entry: 2018-05-01
Affected package: gitlab
Affected versions:
  >= 10.7.0, < 10.7.2
  >= 10.6.0, < 10.6.5
  >= 9.5.0, < 10.5.8
CVE references: CVE-2018-10379
Reference: https://about.gitlab.com/2018/04/30/security-release-gitlab-10-dot-7-dot-2-released

49ef501c-62b6-11ef-bba5-2cf05da270f3 | Gitlab -- vulnerabilities

Gitlab reports:

  - The GitLab Web Interface Does Not Guarantee Information Integrity When Downloading Source Code from Releases
  - Denial of Service by importing maliciously crafted GitHub repository
  - Prompt injection in "Resolve Vulnerability" results in arbitrary command execution in victim's pipeline
  - An unauthorized user can perform certain actions through GraphQL after a group owner enables IP restrictions

Discovery: 2024-08-21
Entry: 2024-08-25
Affected packages: gitlab-ce, gitlab-ee
Affected versions:
  >= 17.3.0, < 17.3.1
  >= 17.2.0, < 17.2.4
  >= 8.2.0, < 17.1.6
CVE references: CVE-2024-6502, CVE-2024-8041, CVE-2024-7110, CVE-2024-3127
Reference: https://about.gitlab.com/releases/2024/08/21/patch-release-gitlab-17-3-1-released/

9557dc72-64da-11e8-bc32-d8cb8abf62dd | Gitlab -- multiple vulnerabilities

GitLab reports:

  - Removing public deploy keys regression
  - Users can update their password without entering current password
  - Persistent XSS - Selecting users as allowed merge request approvers
  - Persistent XSS - Multiple locations of user selection drop downs
  - include directive in .gitlab-ci.yml allows SSRF requests
  - Permissions issue in Merge Requests Create Service
  - Arbitrary assignment of project fields using "Import project"

Discovery: 2018-05-29
Entry: 2018-05-31
Affected package: gitlab
Affected versions:
  >= 10.8.0, < 10.8.2
  >= 10.7.0, < 10.7.5
  >= 1.0, < 10.6.6
Reference: https://about.gitlab.com/2018/05/29/security-release-gitlab-10-dot-8-dot-2-released/