FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Gitlab -- Vulnerabilities

Affected packages
16.9.0 <= gitlab-ce < 16.9.2
16.8.0 <= gitlab-ce < 16.8.4
11.3.0 <= gitlab-ce < 16.7.7

Details

VuXML ID b2caae55-dc38-11ee-96dc-001b217b3468
Discovery 2024-03-06
Entry 2024-03-07

Gitlab reports:

Bypassing CODEOWNERS approval allowing to steal protected variables

Guest with manage group access tokens can rotate and see group access token with owner permissions

References

CVE Name CVE-2024-0199
CVE Name CVE-2024-1299
URL https://about.gitlab.com/releases/2024/03/06/security-release-gitlab-16-9-2-released/