FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 21:00:48 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID Description

VuXML ID	Description
dc0c201c-31da-11e8-ac53-d8cb8abf62dd	Gitlab -- multiple vulnerabilities GitLab reports: SSRF in services and web hooks There were multiple server-side request forgery issues in the Services feature. An attacker could make requests to servers within the same network of the GitLab instance. This could lead to information disclosure, authentication bypass, or potentially code execution. This issue has been assigned CVE-2018-8801. Gitlab Auth0 integration issue There was an issue with the GitLab `omniauth-auth0` configuration which resulted in the Auth0 integration signing in the wrong users. Discovery 2018-03-20 Entry 2018-03-27 Modified 2018-04-07 gitlab ge 10.5.0 lt 10.5.6 ge 10.4.0 lt 10.4.6 ge 8.3 lt 10.3.9 CVE-2018-8801 https://about.gitlab.com/2018/03/20/critical-security-release-gitlab-10-dot-5-dot-6-released/

dc0c201c-31da-11e8-ac53-d8cb8abf62dd

Gitlab -- multiple vulnerabilities

GitLab reports:

SSRF in services and web hooks

There were multiple server-side request forgery issues in the Services feature. An attacker could make requests to servers within the same network of the GitLab instance. This could lead to information disclosure, authentication bypass, or potentially code execution. This issue has been assigned CVE-2018-8801.

Gitlab Auth0 integration issue

There was an issue with the GitLab omniauth-auth0 configuration which resulted in the Auth0 integration signing in the wrong users.

Discovery 2018-03-20
Entry 2018-03-27
Modified 2018-04-07
gitlab

ge 10.5.0 lt 10.5.6

ge 10.4.0 lt 10.4.6

ge 8.3 lt 10.3.9

CVE-2018-8801
https://about.gitlab.com/2018/03/20/critical-security-release-gitlab-10-dot-5-dot-6-released/