FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
467b7cbe-257d-11e9-8573-001b217b3468	Gitlab -- Multiple vulnerabilities Gitlab reports: Remote Command Execution via GitLab Pages Covert Redirect to Steal GitHub/Bitbucket Tokens Remote Mirror Branches Leaked by Git Transfer Refs Denial of Service with Markdown Guests Can View List of Group Merge Requests Guest Can View Merge Request Titles via System Notes Persistent XSS via KaTeX Emails Sent to Unauthorized Users Hyperlink Injection in Notification Emails Unauthorized Access to LFS Objects Trigger Token Exposure Upgrade Rails to 5.0.7.1 and 4.2.11 Contributed Project Information Visible in Private Profile Imported Project Retains Prior Visibility Setting Error disclosure on Project Import Persistent XSS in User Status Last Commit Status Leaked to Guest Users Mitigations for IDN Homograph and RTLO Attacks Access to Internal Wiki When External Wiki Enabled User Can Comment on Locked Project Issues Unauthorized Reaction Emojis by Guest Users User Retains Project Role After Removal from Private Group GitHub Token Leaked to Maintainers Unauthenticated Blind SSRF in Jira Integration Unauthorized Access to Group Membership Validate SAML Response in Group SAML SSO Discovery 2019-01-31 Entry 2019-01-31 gitlab-ce ge 11.7.0 lt 11.7.3 ge 11.6.0 lt 11.6.8 ge 0.0.0 lt 11.5.10 https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/ CVE-2019-6783 CVE-2019-6788 CVE-2019-6785 CVE-2019-6790 CVE-2019-6997 CVE-2019-6784 CVE-2019-6789 CVE-2019-6781 CVE-2019-6786 CVE-2019-6787 CVE-2018-16476 CVE-2019-6782 CVE-2019-6791 CVE-2019-6792 CVE-2019-6796 CVE-2019-6794 CVE-2019-6795 CVE-2019-6960 CVE-2019-6995 CVE-2019-7176 CVE-2019-7155 CVE-2019-6797 CVE-2019-6793 CVE-2019-6996

VuXML ID

Description

467b7cbe-257d-11e9-8573-001b217b3468

Gitlab -- Multiple vulnerabilities

Gitlab reports:

Remote Command Execution via GitLab Pages

Covert Redirect to Steal GitHub/Bitbucket Tokens

Remote Mirror Branches Leaked by Git Transfer Refs

Denial of Service with Markdown

Guests Can View List of Group Merge Requests

Guest Can View Merge Request Titles via System Notes

Persistent XSS via KaTeX

Emails Sent to Unauthorized Users

Hyperlink Injection in Notification Emails

Unauthorized Access to LFS Objects

Trigger Token Exposure

Upgrade Rails to 5.0.7.1 and 4.2.11

Contributed Project Information Visible in Private Profile

Imported Project Retains Prior Visibility Setting

Error disclosure on Project Import

Persistent XSS in User Status

Last Commit Status Leaked to Guest Users

Mitigations for IDN Homograph and RTLO Attacks

Access to Internal Wiki When External Wiki Enabled

User Can Comment on Locked Project Issues

Unauthorized Reaction Emojis by Guest Users

User Retains Project Role After Removal from Private Group

GitHub Token Leaked to Maintainers

Unauthenticated Blind SSRF in Jira Integration

Unauthorized Access to Group Membership

Validate SAML Response in Group SAML SSO

Discovery 2019-01-31
Entry 2019-01-31
gitlab-ce

ge 11.7.0 lt 11.7.3

ge 11.6.0 lt 11.6.8

ge 0.0.0 lt 11.5.10

https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
CVE-2019-6783
CVE-2019-6788
CVE-2019-6785
CVE-2019-6790
CVE-2019-6997
CVE-2019-6784
CVE-2019-6789
CVE-2019-6781
CVE-2019-6786
CVE-2019-6787
CVE-2018-16476
CVE-2019-6782
CVE-2019-6791
CVE-2019-6792
CVE-2019-6796
CVE-2019-6794
CVE-2019-6795
CVE-2019-6960
CVE-2019-6995
CVE-2019-7176
CVE-2019-7155
CVE-2019-6797
CVE-2019-6793
CVE-2019-6996