FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-27 18:04:16 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
10968dfd-a687-11e6-b2d3-60a44ce6887bgitlab -- Directory traversal via "import/export" feature

GitLab reports:

The import/export feature did not properly check for symbolic links in user-provided archives and therefore it was possible for an authenticated user to retrieve the contents of any file accessible to the GitLab service account. This included sensitive files such as those that contain secret tokens used by the GitLab service to authenticate users.


Discovery 2016-11-02
Entry 2016-11-09
Modified 2017-05-18
gitlab
ge 8.10.0 le 8.10.12

ge 8.11.0 le 8.11.9

ge 8.12.0 le 8.12.7

ge 8.13.0 le 8.13.2

https://about.gitlab.com/2016/11/02/cve-2016-9086-patches/
CVE-2016-9086
ports/214360