Wednesday, February 17, 2021

FreeBSD: VID-1020D401-6D2D-11EB-AB0B-001B217B3468: Gitlab -- Multiple Vulnerabilities

Description
Gitlab reports:
  • Improper Certificate Validation for Fortinet OTP
  • Denial of Service Attack on gitlab-shell
  • Resource exhaustion due to pending jobs
  • Confidential issue titles were exposed
  • Improper access control allowed demoted project members to access authored merge requests
  • Improper access control allowed unauthorized users to access analytic pages
  • Unauthenticated CI lint API may lead to information disclosure and SSRF
  • Prometheus integration in Gitlab may lead to SSRF

Solution(s)
  • freebsd-upgrade-package-gitlab-ce

    Copyright © 2020 Cyber Details - Vulnerability Database™