FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-05-02 10:37:19 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
dad6294c-f7c1-11ee-bb77-001b217b3468Gitlab -- Patch Release: 16.10.2, 16.9.4, 16.8.6

Gitlab reports:

Stored XSS injected in diff viewer

Stored XSS via autocomplete results

Redos on Integrations Chat Messages

Redos During Parse Junit Test Report


Discovery 2024-04-10
Entry 2024-04-11
gitlab-ce
ge 16.10.0 lt 16.10.2

ge 16.9.0 lt 16.9.4

< 16.8.6

CVE-2024-3092
CVE-2024-2279
CVE-2023-6489
CVE-2023-6678
https://about.gitlab.com/releases/2024/04/10/patch-release-gitlab-16-10-2-released/
b2caae55-dc38-11ee-96dc-001b217b3468Gitlab -- Vulnerabilities

Gitlab reports:

Bypassing CODEOWNERS approval allowing to steal protected variables

Guest with manage group access tokens can rotate and see group access token with owner permissions


Discovery 2024-03-06
Entry 2024-03-07
gitlab-ce
ge 16.9.0 lt 16.9.2

ge 16.8.0 lt 16.8.4

ge 11.3.0 lt 16.7.7

CVE-2024-0199
CVE-2024-1299
https://about.gitlab.com/releases/2024/03/06/security-release-gitlab-16-9-2-released/
d2992bc2-ed18-11ee-96dc-001b217b3468Gitlab -- vulnerabilities

Gitlab reports:

Stored-XSS injected in Wiki page via Banzai pipeline

DOS using crafted emojis


Discovery 2024-03-27
Entry 2024-03-28
gitlab-ce
ge 16.10.0 lt 16.10.1

ge 16.9.0 lt 16.9.3

< 16.8.5

CVE-2023-6371
CVE-2024-2818
https://about.gitlab.com/releases/2024/03/27/security-release-gitlab-16-10-1-released/