FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Gitlab -- Multiple Vulnerabilities

Affected packages
12.5.0 <= gitlab-ce < 12.5.4
12.4.0 <= gitlab-ce < 12.4.6
10.5.0 <= gitlab-ce < 12.3.9

Details

VuXML ID 21944144-1b90-11ea-a2d4-001b217b3468
Discovery 2019-12-10
Entry 2019-12-10

Gitlab reports:

Path traversal with potential remote code execution

Disclosure of private code via Elasticsearch integration

Update Git dependency

References

CVE Name CVE-2019-19604
CVE Name CVE-2019-19628
CVE Name CVE-2019-19629
URL https://about.gitlab.com/blog/2019/12/10/critical-security-release-gitlab-12-5-4-released/