Wednesday, February 17, 2021

FreeBSD: VID-1020D401-6D2D-11EB-AB0B-001B217B3468: Gitlab -- Multiple Vulnerabilities

Description
Gitlab reports:
  • Improper Certificate Validation for Fortinet OTP
  • Denial of Service Attack on gitlab-shell
  • Resource exhaustion due to pending jobs
  • Confidential issue titles were exposed
  • Improper access control allowed demoted project members to access authored merge requests
  • Improper access control allowed unauthorized users to access analytic pages
  • Unauthenticated CI lint API may lead to information disclosure and SSRF
  • Prometheus integration in Gitlab may lead to SSRF

Solution(s)
  • freebsd-upgrade-package-gitlab-ce

