FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Gitlab -- multiple vulnerabilities

Affected packages
11.1.0 <= gitlab-ce < 11.1.2
11.0.0 <= gitlab-ce < 11.0.5
2.7.0 <= gitlab-ce < 10.8.7

Details

VuXML ID 2da838f9-9168-11e8-8c75-d8cb8abf62dd
Discovery 2018-07-26
Entry 2018-07-27

Gitlab reports:

Markdown DoS

Information Disclosure Prometheus Metrics

CSRF in System Hooks

Persistent XSS Pipeline Tooltip

Persistent XSS in Branch Name via Web IDE

Persistent XSS in Branch Name via Web IDE

References

CVE Name CVE-2018-14601
CVE Name CVE-2018-14602
CVE Name CVE-2018-14603
CVE Name CVE-2018-14604
CVE Name CVE-2018-14605
CVE Name CVE-2018-14606
URL https://about.gitlab.com/2018/07/26/security-release-gitlab-11-dot-1-dot-2-released/