FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-07-15 18:39:43 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
10968dfd-a687-11e6-b2d3-60a44ce6887b	gitlab -- Directory traversal via "import/export" feature GitLab reports: The import/export feature did not properly check for symbolic links in user-provided archives and therefore it was possible for an authenticated user to retrieve the contents of any file accessible to the GitLab service account. This included sensitive files such as those that contain secret tokens used by the GitLab service to authenticate users. Discovery 2016-11-02 Entry 2016-11-09 Modified 2017-05-18 gitlab >= 8.10.0 le 8.10.12 >= 8.11.0 le 8.11.9 >= 8.12.0 le 8.12.7 >= 8.13.0 le 8.13.2 https://about.gitlab.com/2016/11/02/cve-2016-9086-patches/ CVE-2016-9086 ports/214360

VuXML ID

Description

10968dfd-a687-11e6-b2d3-60a44ce6887b

gitlab -- Directory traversal via "import/export" feature

GitLab reports:

The import/export feature did not properly check for symbolic links in user-provided archives and therefore it was possible for an authenticated user to retrieve the contents of any file accessible to the GitLab service account. This included sensitive files such as those that contain secret tokens used by the GitLab service to authenticate users.

Discovery 2016-11-02
Entry 2016-11-09
Modified 2017-05-18
gitlab

>= 8.10.0 le 8.10.12

>= 8.11.0 le 8.11.9

>= 8.12.0 le 8.12.7

>= 8.13.0 le 8.13.2

https://about.gitlab.com/2016/11/02/cve-2016-9086-patches/
CVE-2016-9086
ports/214360