FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Gitlab -- vulnerability

Affected packages
13.7.0 <= gitlab-ce < 13.7.4
13.6.0 <= gitlab-ce < 13.6.5
12.2 <= gitlab-ce < 13.5.7

Details

VuXML ID 0a8ebf4a-5660-11eb-b4e2-001b217b3468
Discovery 2021-01-14
Entry 2021-01-14

SO-AND-SO reports:

Ability to steal a user's API access token through GitLab Pages

References

URL https://about.gitlab.com/releases/2021/01/14/critical-security-release-gitlab-13-7-4-released/