FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-01-25 14:24:43 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
acb4eab6-3f6d-11ef-8657-001b217b3468	Gitlab -- vulnerabilities Gitlab reports: An attacker can run pipeline jobs as an arbitrary user Developer user with admin_compliance_framework permission can change group URL Admin push rules custom role allows creation of project level deploy token Package registry vulnerable to manifest confusion User with admin_group_member permission can ban group members Subdomain takeover in GitLab Pages Discovery 2024-07-10 Entry 2024-07-11 gitlab-ce gitlab-ee >= 17.1.0 lt 17.1.2 >= 17.0.0 lt 17.0.4 >= 11.8.0 lt 16.11.6 CVE-2024-6385 CVE-2024-5257 CVE-2024-5470 CVE-2024-6595 CVE-2024-2880 CVE-2024-5528 https://about.gitlab.com/releases/2024/07/10/patch-release-gitlab-17-1-2-released/

VuXML ID

Description

acb4eab6-3f6d-11ef-8657-001b217b3468

Gitlab -- vulnerabilities

Gitlab reports:

An attacker can run pipeline jobs as an arbitrary user

Developer user with admin_compliance_framework permission can change group URL

Admin push rules custom role allows creation of project level deploy token

Package registry vulnerable to manifest confusion

User with admin_group_member permission can ban group members

Subdomain takeover in GitLab Pages

Discovery 2024-07-10
Entry 2024-07-11
gitlab-ce
gitlab-ee

>= 17.1.0 lt 17.1.2

>= 17.0.0 lt 17.0.4

>= 11.8.0 lt 16.11.6

CVE-2024-6385
CVE-2024-5257
CVE-2024-5470
CVE-2024-6595
CVE-2024-2880
CVE-2024-5528
https://about.gitlab.com/releases/2024/07/10/patch-release-gitlab-17-1-2-released/